问题
I am aware that Windows 2003 SP 2 doesn't support TLS 1.2 protocol. However, is there any workaround to enable this for paypal integration avoiding migrating to windows 2008? Thanks.
回答1:
If you mean the usage of IIS with TLS 1.2 on Windows 2003 then the answer will be "You can't".
The only way, which I could recommend you is the usage of some another web server on Windows 2003, which uses an alternative SSL/TLS library like OpenSSL for TLS. For example nginx web server. You can download and install OpenSSL first of all (from here) and then Windows binaries from here and follow the installation instructions. I should remark that I don't try it on so old Windows. Nginx warns that some modules (like caching module) could not work on old Windows, but you can still try to configure Nginx to use TLS 1.2 (see here and here) and I hope it should work. You will need to use OpenSSL to convert SSL certificate, which you use currently to OpenSSL format, which you need to specify in nginx.conf.
回答2:
I don't know if this information would help with Paypal integration. However, we needed a solution for our site, hosted on OS2003, because of certificate errors associated with TLS 1.0. Using freely available Microsoft tools and components, our network administrator was able to create a workaround for our problem by implementing a reverse proxy on a server using Windows Server 2012.
The client connects to the OS2012 server, serving as the reverse proxy, using TLS 1.2. The reverse proxy, however, forwards the request to the OS2003 server, located within the company network, using TLS 1.0. Vice versa for the response. The browser no longer displays messages to users connected to the website, hosted on the OS2003 server, indicating that the SSL certificate is not secure.
Our systems engineer had never done this before, so there was a bit of a learning curve. However, he was able to successfully pull this off, and as a result, we're able to buy more time to build a new website to replace the OS2003 site.
来源:https://stackoverflow.com/questions/36791513/how-to-enable-tls-1-2-protocol-on-windows-2003