Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Exchange 2013 breaks after disabling TLS 1.0 - Version 15.0 (Build 1156.6)

Posted on 2016-11-04
1
94 Views
1 Endorsement
Last Modified: 2016-11-09
After we disabled TLS 1.0 on the Exchange server running version 15.0 (Build 1156.6), all mail flow stopped. I know it was a known issue until early this year so I wondering if the issue has been resolved in any of the three Cumulative Updates released this year (12, 13 or 14)?

In my research I found this patch - https://support.microsoft.com/en-us/kb/3045301 - which was included in the CU8, but I see that we have CU11 installed on the server.

We are planning on installing CU14 in hopes that it resolves the issue, please let me know if anyone has any feedback on this issue or patch.

Thank you for your help.
1
Comment
Question by:Daaniyal Kalim
1 Comment
 
LVL 2

Accepted Solution

by:
Mikhail Sartaev earned 500 total points
ID: 41876021
https://blogs.technet.microsoft.com/exchange/2015/07/27/exchange-tls-ssl-best-practices/
SMTP is notably a protocol where Exchange acts as both a client and a server. Some older server implementations have been observed to incorrectly implement version negotiation.  In these cases, the remote servers terminate the connection when Exchange (acting as a client) offers a version newer than TLS 1.0.
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Find out what you should include to make the best professional email signature for your organization.
In this Micro Tutorial viewers will learn how they can get their files copied out from their unbootable system without need to use recovery services. As an example non-bootable Windows 2012R2 installation is used which has boot problems.
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question