Enable TLS 1.2 In Exchange 2010 Server Running On Windows 2008R2 Server - IT World | Technology Site | Exchange | system | office 365 | vmware | veeam | azure | Windows Server | Enable TLS 1.2 In Exchange 2010 Server Running On Windows 2008R2 Server IT World | Technology Site | Exchange | system | office 365 | vmware | veeam | azure | Windows Server | Yaniv Totshvili IT World | Technology Site | Exchange | system | office 365 | vmware | veeam | azure | Windows Server | IT World | Technology Site | Exchange | system | office 365 | vmware | veeam | azure | Windows Server | Yaniv Totshvili Enable TLS 1.2 In Exchange 2010 Server Running On Windows 2008R2 Server Exchange 2019 windows 2019

TLS 1.2 is NOT enabled on Windows 2008R2 Server with Exchange 2010 SP3 installed by default, and the following error message is prompted when accessing Outlook Web Mail (https://mail.yshvili.com) with Google Chrome

PowerShell to Enable TLS 1.2 and Disable TLS 1.1, SSL 2.0 & SSL 3.0

# Enable TLS 1.2 on Windows 2008R2 
$Path ="HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\"
New-Item -Path $Path -Name "TLS 1.2"
New-Item -Path $Path\"TLS 1.2" -Name "Client"
New-Item -Path $Path\"TLS 1.2" -Name "Server"
New-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\TLS 1.2\Client' -Name "DisabledByDefault" -Value 0 -PropertyType "DWord"
New-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\TLS 1.2\Server' -Name "DisabledByDefault" -Value 0 -PropertyType "DWord"

# Disabled TLS 1.1 on Windows 2008R2 
New-Item -Path $Path -Name "TLS 1.1"
New-Item -Path $Path\"TLS 1.1" -Name "Client"
New-Item -Path $Path\"TLS 1.1" -Name "Server"
New-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\TLS 1.1\Client' -Name "DisabledByDefault" -Value 1 -PropertyType "DWord"
New-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\TLS 1.1\Server' -Name "DisabledByDefault" -Value 1 -PropertyType "DWord"

#Disable SSL 2.0
New-Item -Path $Path\"SSL 2.0" -Name "Server"
New-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\SSL 2.0\Server' -Name "DisabledByDefault" -Value 1 -PropertyType "DWord"

#Disable SSL 3.0
New-Item -Path $Path -Name "SSL 3.0"
New-Item -Path $Path\"SSL 3.0" -Name "Client"
New-Item -Path $Path\"SSL 3.0" -Name "Server"
New-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\SSL 3.0\Client' -Name "DisabledByDefault" -Value 1 -PropertyType "DWord"
New-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\SSL 3.0\Server' -Name "DisabledByDefault" -Value 1 -PropertyType "DWord"

#Reboot Server
#Restart-Computer
DONE :-)

Verify the Exchange 2010 version installed

Verify the version of the existing Exchange 2010 Server by referring to Exchange Server build numbers and release dates

Get-Command ExSetup | ForEach {$_.FileVersionInfo}

Leave a Reply Cancel reply