Blog Post

Microsoft Entra Blog
3 MIN READ

Act fast to secure your infrastructure by moving to TLS 1.2!

ShobhitSahay's avatar
ShobhitSahay
Icon for Microsoft rankMicrosoft
Nov 22, 2021
Protecting sensitive data by putting the right security controls in place is of the utmost importance for every organization. This requires constantly evolving to satisfy standards and regulations th...
Updated Nov 22, 2021
Version 2.0
Product Announcements
ShobhitSahay's avatar
Icon for Microsoft rankMicrosoft
Joined October 17, 2018
View Profile
Microsoft Entra Blog
Stay informed on how to secure access for employees, customers, and non-human identities, from anywhere, to multicloud and on-premises resources, with comprehensive identity and network access solutions powered by AI.
Abizerh's avatar
Abizerh
Icon for Microsoft rankMicrosoft
Dec 02, 2021

prakashjha most of the client applications mentioned above do not negotiate or prefer a TLS protocol to use but rely on .Net framework or Winhttp to negotiate the TLS protocols to use. So one needs to check 

  1. If OS platform supports TLS 1.2 by default or needs an update to support it. You may also want to check if TLS 1.2 has been disabled at OS level via the registry.
  2. If OS Platform supports TLS 1.2 and the same is enabled in registry, do you have a web proxy or VPN that may be downgrading the TLS protocols to a lower version.
  3. If applications like Office that rely on .Net framework, ensure .Net framework is updated and configured to rely of the OS defaults for TLS.
  4. Try an update the application if there is a newer version available based on your OS version.

More details of OS platform that support TLS 1.2, .Net framework updates and registry configuration to check if TLS 1.2 is disabled or .Net framework is configured to support OS defaults is mentioned in the article Enable TLS 1.2 support as Azure AD TLS 1.0/1.1 is deprecated - Active Directory | Microsoft Docs