Update: please see our official documentation which is now available on this subject: Exchange Server TLS configuration best practices.
Overview
In part 3 of our Exchange Server TLS Guidance seri...
Updated Aug 08, 2022
Version 5.0
Blog Post
Hi, Exchange Team.
I followed your steps through the blog posts, and I've completed the transition to TLS 1.2. However, when I go to ExRCA to run Autodiscover tests, I get SSL failure errors:
- The SSL certificate failed one or more certificate validation checks.
- The Microsoft Connectivity Analyzer wasn't able to obtain the remote SSL certificate.
- The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
I would note that mail flow is normal; the Autodiscover stuff just isn't working.
Nothing else has changed on my server except disabling TLS 1.0/1.1. I did notice that ExRCA hasn't been updated since October 2015, so perhaps it doesn't take into account the push for modern TLS and is still assuming TLS 1.0 support? Who would be the proper team to speak to for that to be updated?
Thanks,
Rick
Hi Guys
A simple question. If current mail solutions ex Exchange 2010, 2013 and 2016 isn't updated with the latest CU updates, will that solution then have issues delivering mails to Office 365 organizations?
Thanks,
Simon