Forum Discussion
InTune management extension SecureChannelFailure (Could not create SSL/TLS secure channel)
I'm experiencing networking problem when Microsoft Endpoint manager is trying to deploy InTune management extension from https://endpoint.microsoft.com/ to a Win10 device within a company network. ...
I'm experiencing some issues with disabling of SSL package inspection to get rid of "SecureChannelFailure" errors from InTune management extension.
Are you sure that "manage.microsoft.com" is the only endpoint where SSL inspection isn't supported, or does the limitation also apply to subdomains (*.manage.microsoft.com) and/or other domains mentioned on https://docs.microsoft.com/en-us/mem/intune/fundamentals/intune-endpoints ?
Are you sure that "manage.microsoft.com" is the only endpoint where SSL inspection isn't supported, or does the limitation also apply to subdomains (*.manage.microsoft.com) and/or other domains mentioned on https://docs.microsoft.com/en-us/mem/intune/fundamentals/intune-endpoints ?
Did you try adding / whitelisting it with a wildcard?
- Oh 😞 Hope they will find the solution for you!
- Not yet. I've sent over logs with associated WireShark network dumps to Microsoft's networking team and am awaiting response.
- Any update?
- Did you manage to do a firewall logs/monitor together with the network department?
- I guess this will be something you will have to troubleshoot together with the network department, they setup a monitor for your connections and failures when you do a sync of your work account (Info button, Sync)
- SSL package inspection was temporarily disabled for "manage.microsoft.com" and "*.manage.microsoft.com" during testing. However, InTune management extension still reported the same "SecureChannelFailure" in the log and failed to report "Discovered apps" back to the server.