By default, Windows Server 2003 runs Secure Sockets Layer (SSL) in user mode. Beginning with Service Pack 1 (SP1), Windows 2003 offered the option of running SSL in kernel mode. This can improve overall Internet Information Services (IIS) performance, because kernel mode moves all encryption and decryption operations to the kernel. That move dramatically decreases down the number of transactions that must be made between kernel mode and user mode. Kernel mode also reduces the memory consumption of server-side processes. In turn, that makes more memory available to Communicator Web Access. Note that this applies only to Windows Server 2003. Windows 2008 uses a form of kernel mode SSL by default.

To enable kernel mode SSL in Windows Server 2003 you must create and configure a new registry value, and then restart the HTTP service. If you later decide to disable kernel SSL mode simply set this new registry value (that is, EnableKernelSSL) to 0 (that is, zero).

To enable kernel SSL mode on Windows Server 2003

  1. Open Registry Editor and locate the registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters.

  2. In the Parameterskey, right-click a blank area of the window pane, click New, and then click DWORD Value.

  3. After the new value is created, type EnableKernelSSLto rename the value.

  4. Double-click EnableKernelSSL.

  5. In the Edit DWORD Valuedialog box, type 1in the Value databox and then click OK.

  6. Restart the HTTP service by opening a command window, typing net stop http, and then pressing ENTER.

  7. When asked whether you want to continue the operation, type yand then press ENTER.

  8. After all the services have been stopped, type net start httpin the command window to restart the HTTP service.