Forum Discussion
TLS Client issues on Exchange server on premise
hi all,
I have on-premise Exchange 2013. When I send email to 1 particular domain it returns "530 Must issue STARTTLS". This got me thinking that my TLS settings might be misconfigured. So i did try online CheckTLS tool.
It appears that I have no problems sending encrypted emails (TLS1.2). When I send emails from my domain to my gmail account I can see TLS1.2 in the header also.
However when I tested receiving it says "TLS is not an option for this server".
It seems like i've tried everything from here https://learn.microsoft.com/en-us/exchange/plan-and-deploy/post-installation-tasks/security-best-practices/exchange-tls-configuration?view=exchserver-2019
The one thing I did not try is to disable TLS1.0 and 1.1, but can this be the problem? I also checked IgnoreSTARTTLS parameters on receive and send connectors, it is set to False.
Can anyone help?
- Problem was solved by installing certificate on GFImailessentials (perimeter smtp server) through IIS. Even though same certificate was installed on the server before, somehow it was not used for secure communication..
3 Replies
Try changing the IgnoreSTARTTLS value to True!
TaeYounAnn i tried, didn't help..
- Problem was solved by installing certificate on GFImailessentials (perimeter smtp server) through IIS. Even though same certificate was installed on the server before, somehow it was not used for secure communication..
