Discontinued Support for Transport Layer Security (TLS)

Versions 1.0 and 1.1

Many sources have already shut down TLS 1.0/1.1 and Windows 10 and updated versions of Office (365) already support it, however, there may be some machines running Windows 7 that may not be compliant with these changes, especially those running older versions of Office (2010). Soon, 365 will retire the 3DES cipher usage. This will require older PC OS (Windows 7 & 8/8.1) to be patched and communicating on TLS 1.2 by default in order to communicate with Exchange Online. Windows 10 is ready by default, as are up to date versions of Office, and 365 versions.

To do so, I’ve prepared 2 files in the attached ZIP:

 – DefaultSecureProtocolsUpdate.msi – 

       –  This is a Microsoft Easy Fix that will update the necessary protocols and set them as default.

 – TLS Negotiation_WIN7.reg – 

       –  Prevents TLS 1.1/1.2 from being disabled on Windows 7 machines as Windows 7 still negotiates over 1.1 for some WinHTTP-based applications.

To apply the update, run the DefaultSecureProtocolsUpdate.msi, and follow it with merging the attached registry file. (TLS Negotiation_WIN7.reg) The registry entries are HKLM meaning, it’s applied for the entire computer and does not have to be done per each profile. In the event that the PC is already patched, the installer will not make any changes.

  1. Determine which TLS versions you want to enable, and determine the corresponding value for DefaultSecureProtocols (which we will add shortly):
    1. For only TLS 1.1 and 1.2, the value will be 0xA00
    2. For TLS 1.0, 1.1, and 1.2, the value will be 0xA80
  2. Install the or verify the KB3140245 update (https://www.catalog.update.microsoft.com/search.aspx?q=kb3140245)
  3. Create a DWORD value called DefaultSecureProtocols in both of the following locations and set its value to the value determined in Step 1:
    1. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp
    2. HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp
  4. Be sure to create the DisabledByDefault DWORD value and set it to 0 in the following locations:
    1. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client
    2. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client
  5. Reboot the PC

Need more assistance? Contact Us today.

Meet our Team Get a Quote Read Reviews

CONTACT US

  • Call: 314-343-1800
  • Contact

    Use red “Contact Us” button (right)

  • Chat

    Use red “We are online” button (bottom)

BUSINESS HOURS

Monday – Friday: 8am – 5pm
Saturday – Sunday: Closed
24 Hour Support Service Available

Customers Receiving Support:

Disclaimer: Acumen Consulting is an independent service provider of technical service for business networks. We have reseller partner agreements with all of the companies and brands for which we are offering service on acumenitsupport.com. All partner trademarks, registers trademarks, company names, product names, and brand names, are the property of their respective owners. We provide ONLY reseller services for the products listed.

Outlook Unexpectedly Redirects to 365 Create Tasks to Cycle Eaglesoft DB Services
Call Now