Connectivity Analyzer - determine SSL and TLS protocols

New Contributor

Hi all,

 

I have a strange problem with the Microsoft Connectivity Analyzer.

For all the tests the autodiscover test fails with the Error:

 

Testing the SSL certificate to make sure it's valid.The SSL certificate failed one or more certificate validation checks.

The Microsoft Connectivity Analyzer is probing the TCP endpoint xxx.xxx.xxx.xx on port 443 to detect which SSL/TLS protocols and cipher suites are enabled.

We were unable to determine which SSL and TLS protocols are enabled. This is usually because we couldn't connect.

 

Even if I start the SSL Server Test I get this result. 
In use is a reverse proxy on a Checkpoint firewall, with TLS 1.2 enabled.

 

If I enable TLS 1.1 the test says: Only TLS 1.1 is enabled, but you need TLS 1.2. So it recognizes TLS 1.1.

 

I also tested a KEMP LoadBalancer and a HAProxy as reverse proxy- both with the same result.

 

Other SSL Tests on the internet recognize TLS 1.2 and the overall rating is A+.

 

So why does the Connectivity Analyzer report that kind of error?

In my opinion, this was not always the case. When we built the environment back then, the tests all ran successfully. There has been no change in the infrastructure since then.

 

Thanks for any help or idea

Flo

2 Replies
Hello ,
We actually facing the same symptoms with a Kemp Loadbalancer and I do confirm RCA tools used to worked and there was no change in Infrastructure.
Did you manage to troubleshoot this issue ?
Thanks,

Hi,

 

no, till now we didn't find any solution and/or reason to this. :(

 

Regards,

Flo