Link to home
Create AccountLog in
Avatar of pramod1
pramod1Flag for United States of America

asked on

exchange

how do I know I am using tls1.2 or 1.1 in email

I have exchange 2010 sp3
Avatar of Sean
Sean
Flag of United States of America image

Easiest way is to run IISCrypto

https://www.nartac.com/Products/IISCrypto

It tells you what protocols are currently being used and allows you to enable/disable them. Just run it on your exchange servers but do so with cation if you are making changes.
Avatar of pramod1

ASKER

any other way I can check on my exchange server or smtp gateway
ASKER CERTIFIED SOLUTION
Avatar of Sean
Sean
Flag of United States of America image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of pramod1

ASKER

it says in header "Microsoft SMTP Server (TLS) don't know what version??
Avatar of pramod1

ASKER

Microsoft SMTP Server (TLS) id
 14.3.301., what does this mean
I believe that means it's using 1.0 but I'm not 100%. Mine shows version=TLS1_2.
Avatar of Vidit Bhardwaj
Vidit Bhardwaj

Two ways check the send connector protocol logs, you will see something like TLS1-1 and so on

Collect network trace look for TLS handshake and to verion being used.

Also on exchange server check these keys are enabled or not, usually it is recommend to enable all TLS Verizon if you are not on latest update.

https://support.quovadisglobal.com/kb/a433/how-to-enable-tls-1_2-on-windows-server-2008-r2.aspx

Don't make any changes just verify if all TLS versions are enabled, in Windows 2008r2 it is not enabled by default