Forum Discussion
Office365 connectivity test:
Hi CocoKola, could you please help me with the following 3 questions?
1. Is TLS 1.2 protocol disabled on your machine?
M365 connectivity test tool service requires TLS 1.2 to establish SSL connections. You may check that on your registry editor to see if it's disabled. You could search "Registry Editor" in the taskbar and open it, then navigate to the following path:
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols
TLS 1.2 should be enabled to use M365 Connectivity Test Tool .exe client.
2. Are the following two cipher suite on your machine?TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (
0xc030)
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)Cipher suite can also be checked in Registry Editor. The path is:
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\CipherSuite
Those two cipher suites are required by the connectivity test tool service.
3. is .NET Desktop Runtime 6 installed on the machine?
This shouldn't be the reason for the SSL connection failure but I see the exception code 0xe0434352 in the crash log you provided in the comment on May 21st, so just want to double-confirm. Is the crash log below from the issue in the original post saying "Unable to connect to origin. Inner exception message: The SSL connection could not be established, see inner exception" shows when executing the rich client?
If the TLS and cipher suites configuration are unknown, you can also try to enable them on the machine using this software or modify the registry through the Registry Editor and see if the issue can be resolved.
The software is NARTAC which can be downloaded from:
https://www.nartac.com/Products/IISCrypto/DownloadNo installation requires. Checking the needed TLS protocol and Cipher Suite should work.
MicrosoftHi CocoKola, could you please help me with the following 3 questions?
1. Is TLS 1.2 protocol disabled on your machine?
M365 connectivity test tool service requires TLS 1.2 to establish SSL connections. You may check that on your registry editor to see if it's disabled. You could search "Registry Editor" in the taskbar and open it, then navigate to the following path:
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols
TLS 1.2 should be enabled to use M365 Connectivity Test Tool .exe client.
2. Are the following two cipher suite on your machine?
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
Cipher suite can also be checked in Registry Editor. The path is:
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\CipherSuite
Those two cipher suites are required by the connectivity test tool service.
3. is .NET Desktop Runtime 6 installed on the machine?
This shouldn't be the reason for the SSL connection failure but I see the exception code 0xe0434352 in the crash log you provided in the comment on May 21st, so just want to double-confirm. Is the crash log below from the issue in the original post saying "Unable to connect to origin. Inner exception message: The SSL connection could not be established, see inner exception" shows when executing the rich client?
If the TLS and cipher suites configuration are unknown, you can also try to enable them on the machine using this software or modify the registry through the Registry Editor and see if the issue can be resolved.
The software is NARTAC which can be downloaded from:
https://www.nartac.com/Products/IISCrypto/Download
No installation requires. Checking the needed TLS protocol and Cipher Suite should work.
I have run multiple virus/rootkit/etc scanners from multiple vendors and never found anything on my system. I will search and audio my system for reg key changes for that key.
if there is something on my system that sets that key. I will change permissions to remove all access to change this key without a specific user account to keep it this way and document the expectation case.
I will test everything else and report back.
Stand by for full confirmation of other things broken.