Today we are announcing the availability of the 2024 H1 Cumulative Update (CU) for Exchange Server 2019 (aka CU14). CU14 includes fixes for customer reported issues, a security change, and all previo...
Updated Feb 22, 2024
Version 11.0
Blog Post
LukasSMSFT
Microsoft
Microsoftyyagi we show this in yellow (as a warning) since you’re running Windows Server 2022 with Exchange 2019 CU14 and therefore, the latest supported .Net version is 4.8.1. It’s nothing that you need to address immediately. It’s just to highlight that there is something newer available.
Pankaj_Messaging_Specialist we've updated the Exchange Server TLS documentation. It explains how these two settings are working.
SchUseStrongCrypto affects only client (outgoing) connections in your application. By configuring .NET Framework 4.x to inherit its values from Schannel we gain the ability to use the latest versions of TLS supported by the OS, including TLS 1.2.
It affects therefore, outgoing connections (e.g., from on Exchange server to another Exchange server).
Find the documentation here: https://learn.microsoft.com/en-us/exchange/plan-and-deploy/post-installation-tasks/security-best-practices/exchange-tls-configuration?view=exchserver-2019#preparing-net-framework-to-inherit-defaults-from-schannel
Regarding SSL Passthrough: If I understand this correctly, SSL passthrough (as the name already outlined) doesn't perform any decryption on the device (e.g., Load Balancer) and should therefore work (because we don't intercept the encrypted connection that was established between the client and the Exchange server).