We are running an IIS server on Windows Server 2008 R2. We have an SHA2 SSL certificate. SSL over HTTP works fine. We want to do FTPS and we have it set up "properly". We want to require 128-bit encryption and have that setting specified as well. However, when we try to connect we get a 425 error opening the data channel.
If we turn off the 128-bit encryption requirement - the FTPS does work.
Now - if I create a self-signed certificate and utilize it, the FTPS works properly as well. So this is some sort of issue with IIS 7.5 and FTPS using an SHA2 certificate.
We have an SHA1 certificate on another server that does work well for FTPS as well.
So I'm asking - what can we do to get our SHA2 certificate to be sufficient for 128-bit encryption with FTPS?
Thanks