Update: please see our official documentation which is now available on this subject: Exchange Server TLS configuration best practices.
Overview
In part 2 of our Exchange Server TLS Guidance seri...
Updated Aug 08, 2022
Version 5.0
Blog Post
10 MIN READ
Exchange Server TLS guidance Part 2: Enabling TLS 1.2 and Identifying Clients Not Using It
Hi The_Exchange_Team would like to say thanks for this article as the TLS guide on docs are really all over the place and this is the first comprehensive guide I see.
One thing to add is PowerShell. By Default PowerShell 5.1 does not use TLS 1.2. In effect this will prevent any downloads from public repositories like github via Nuget etc.
TLS 1.2 for PowerShell can be activated via:
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Also all of the above measures as described .net 3.5, 4.x, SChannel, do not include to upgrade IE properties. One should consider to deploy a GPO policy for "Internet Options" for IE and new Edge to use TLS 1.2 (only).
With all of the above measures a TLS 1.2 transition should be complete.
Also all of the above measures as described .net 3.5, 4.x, SChannel, do not include to upgrade IE properties. One should consider to deploy a GPO policy for "Internet Options" for IE and new Edge to use TLS 1.2 (only).
With all of the above measures a TLS 1.2 transition should be complete.