I have an IIS server with a public certificate from one of the big guys. Chrome says:
"Your connection to mydomain.com is encrypted using an obsolete cipher suite. The connection uses TLS 1.2. The connection is encrypted using AES_128_CBC, with HMAC-SHA1 for message authentication and RSA as the key exchange mechanism"
I created the initial CSR on a Windows 2008 R2 server using the certificates MMC and "Advanced > Create custom request. For the private key I chose 2048 length and SHA384 algorithm.
What other option(s) in here will lead to me have a cipher suite that isn't "obsolete"? I chose RSA as the Cryptographic Service Provider. Do I need to choose something else in the list instead?
Thanks!