I need to ensure that servers have been properly configured to prevent the usage of SSL2/3 and TLS1.0/1.1 and ensure that only TLS1.2 is enabled.
In addition I need to ensure that certain ciphers are enabled/disabled to meet PCI/HIPAA requirements.
I've found plenty of one off scripts and applications. IISCrypto (nartac) and https://www.hass.de/files/nodes/story/58/setupiisforsslperfectforwardsecrecy_v3.0.0.ps1
What I really need is a DSC resource for cleanly enabling/disabling protocols and ciphers.
I cant seem to find any DSC-resources to perform the needed task.