How to disable TLS 1.0 on Exchange 2010


Sam,

Per this TechNet discussion, it may still be the case that TLS 1.0 is required for Exchange 2010 to function properly.

There is a KB article that includes a fix for this: https://support.microsoft.com/en-us/kb/3029667

However, the TechNet discussion still states it may not resolve it correctly and Exchange 2010 could still have issues:

After installing Rollup 9 and ensuring 1.0 and SSL 3 are disabled, SMTP should begin using 1.1 or 1.2 without further changes. As you mentioned, Exchange Web Services (Out of Office, Free/Busy) will not function correctly with this current implementation.
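
To confirm what a tool such as IIS Crypto or a manual change actually left in place, the Schannel settings can be read back from the registry. The PowerShell below is an added example, not part of the original answer; it only reads the standard Schannel `Protocols` keys, changes nothing, and lists the Server and Client roles separately because a host can be configured differently as TLS server and as TLS client. The helper name `Get-DwordOrNull` is made up for this example.

```powershell
# Added example: read-only report of the Schannel protocol settings.
# Uses only the standard Schannel registry layout; nothing is modified.
$base      = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'
$protocols = 'SSL 2.0', 'SSL 3.0', 'TLS 1.0', 'TLS 1.1', 'TLS 1.2'
$roles     = 'Server', 'Client'

function Get-DwordOrNull($key, $name) {
    # Hypothetical helper: returns the value, or $null when key or value is absent.
    if (-not (Test-Path -LiteralPath $key)) { return $null }
    $prop = (Get-ItemProperty -LiteralPath $key).PSObject.Properties[$name]
    if ($prop) { return $prop.Value }
    return $null
}

$report = foreach ($proto in $protocols) {
    foreach ($role in $roles) {
        $key     = Join-Path (Join-Path $base $proto) $role
        $enabled = Get-DwordOrNull $key 'Enabled'
        $dbd     = Get-DwordOrNull $key 'DisabledByDefault'

        # Enabled = 0 switches the protocol off for that role; any non-zero
        # value switches it on. A missing value leaves the OS default, which
        # differs between Windows versions.
        if ($null -eq $enabled) { $state = 'OS default' }
        elseif ($enabled -eq 0) { $state = 'Disabled' }
        else                    { $state = 'Enabled' }

        New-Object PSObject -Property @{
            Protocol = $proto; Role = $role; State = $state
            Enabled = $enabled; DisabledByDefault = $dbd
        }
    }
}

$report | Select-Object Protocol, Role, State, Enabled, DisabledByDefault |
    Format-Table -AutoSize

# Flag any role where TLS 1.0 has not been explicitly switched off.
$report | Where-Object { $_.Protocol -eq 'TLS 1.0' -and $_.State -ne 'Disabled' } |
    ForEach-Object { Write-Warning "TLS 1.0 not explicitly disabled for $($_.Role)" }
```

Schannel reads these values at startup, so a change made to them only shows in behaviour after a reboot.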

Author by

ANKUR SHARMA

Updated on September 18, 2022

Comments

  • ANKUR SHARMA over 1 year

    We had a PCI scan and it wants us to disable TLS 1.0 on our Server 2008 R2 server running Exchange 2010 (14.03.0248.002). I used IIS Crypto 1.6 build 7 to disable it. SSLLabs gives us an A now, but autodiscover stopped working correctly. I used the "Test E-mail AutoConfiguration" tool and it says...

    Autoconfiguration was unable to determine your setting!

    in the log tab...

    Attempting URL xttps://mail.example.com/autodiscover/autodiscover.xml found through SCP
    Autodiscover to xttps://mail.example.com/autodiscover/autodiscover.xml stating GetLastError=12030; xttpStatus=0.
    Autodiscover to xttps://mail.example.com/autodiscover/autodiscover.xml Failed (0x800C8203)
    

    ERROR_WINHTTP_CONNECTION_ERROR

    12030
    
    The connection with the server has been reset or terminated, or an incompatible SSL protocol was encountered. For example, WinHTTP version 5.1 does not support SSL2 unless the client specifically enables it.
    

    I did some Google searches and didn't find much. Any ideas how to do this?

    • Grant almost 9 years
      Please give the actual domain name so we can check your configuration.
  • Drifter104 almost 9 years
    You will need to turn TLS 1.0 back on and then dispute the PCI. It is a known issue, and providing it was an existing application you should be OK until June 2016: security.stackexchange.com/questions/87071/…