Search Engine: Elastic

Article ID: 134641, created on Dec 20, 2019, last review on Dec 24, 2019

Symptoms

You need to disable old SSL/TLS protocols and enable new ones on your Office 365 Application Endpoint Host.

Cause

Old SSL/TLS protocols have security vulnerabilities.

Resolution

How To Enable New SSL/TLS Protocols At The Office 365 Application Endpoint Level (For Outgoing Connections Only)

By default, only SSL 3.0 and TLS 1.0 are enabled. To enable TLS 1.1 and TLS 1.2, you must update the Windows Registry in the following way:

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

You can update the Windows Registry by using regedit or by using the configure_ssl_net_framwork.reg file from configure_ssl_net_framwork.zip.

Note: If these registry settings do not exist, you must create them.

To learn more about these registry settings, please refer to this article.

How To Disable Old SSL/TLS Protocols At The Windows Host Level

Old SSL/TLS protocols can be disabled via SCHANNEL registry settings:

[HKLM SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\<VERSION>\Client]

"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001

[HKLM SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\<VERSION>\Server]

"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001

<VERSION> is a protocol version (SSL 2.0, SSL 3.0, TLS 1.0, TLS 1.1, or TLS 1.2).

Note that SSL 2.0 is disabled by default, and we recommend that you disable SSL 3.0 and TLS 1.0.

Note: If these registry settings do not exist, you must create them.

To learn more about these registry settings, please refer to this article.

Important: Before disabling old SSL/TLS protocols on your Office 365 Application Endpoint Host, make sure that new SSL/TLS protocols work for your Odin Automation version.

Email subscription for changes to this article
Save as PDF
网赌被黑账号违规套利不给提款该怎么办?