Forum Discussion

ckajit's avatar
ckajit
Copper Contributor
Apr 25, 2022

Disable TLS 1.0 and 1.1 on exchange server 2016

Hello,

 

Current setup consists of exchange server 2016 cu21 and windows server 2012 r2

TLS 1.2 is enabled and TLS 1.0 and 1.1 is planned to be disabled on all 6 production exchange servers

We plan to disable legacy TLS on 2 servers , restart and then plan to disable legacy tls on remaining servers

 

Is this approach correct

 

Regards,

Ajit

  • More important is verifying that all of your apps that may communicate with your Exchange servers support TLS 1.2 before disabling TLS 1.0/1.1 ..
    If you disable TLS 1.0/1.1 on only two and it looks OK, how will you be sure that there are no issues with any apps ? They may still be talking to the other four servers.
    If you disable TLS 1.0/1.1 on only two, and there are intermittent issues, how are you going to narrow the problem down ?
  • Sam_T's avatar
    Sam_T
    Iron Contributor
    More important is verifying that all of your apps that may communicate with your Exchange servers support TLS 1.2 before disabling TLS 1.0/1.1 ..
    If you disable TLS 1.0/1.1 on only two and it looks OK, how will you be sure that there are no issues with any apps ? They may still be talking to the other four servers.
    If you disable TLS 1.0/1.1 on only two, and there are intermittent issues, how are you going to narrow the problem down ?

Resources