TLS 1.0 Issue with Hybrid Connectors

%3CLINGO-SUB%20id%3D%22lingo-sub-221211%22%20slang%3D%22en-US%22%3ETLS%201.0%20Issue%20with%20Hybrid%20Connectors%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-221211%22%20slang%3D%22en-US%22%3E%3CP%3ENoticed%20the%20following%20messages%20in%20the%20Report%20Dashboard%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%22%3CSPAN%3EYour%20connector%20%22INBOUND%20FROM%20xxx%22%20has%20100%25%20of%20254%20average%20daily%20messages%20being%20sent%20with%20TLS1.0.%3C%2FSPAN%3E%22%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3E%22Your%20connector%20%22INBOUND%20FROM%20xxx%22%20has%20100%25%20of%20254%20average%20daily%20messages%20being%20sent%20with%20TLS1.0.%3C%2FSPAN%3E%22%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EOur%20On-Premise%20Exchange%20Server%20(2010)%20is%20patched%20and%20up-to-date.%20Has%20a%20valid%20CERT.%20%26nbsp%3B%20What%20am%20I%20missing%3F%26nbsp%3B%20Thanks.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-221211%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EExchange%20Online%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EExchange%20Server%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EHybrid%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-222024%22%20slang%3D%22en-US%22%3ERe%3A%20TLS%201.0%20Issue%20with%20Hybrid%20Connectors%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-222024%22%20slang%3D%22en-US%22%3E%3CP%3EServer%20(2008%20R2)%20already%20has%20all%20of%20the%20most%20recent%20pages%20or%20at%20least%20to%20the%20published%20date%20of%20this%20article.%26nbsp%3B%20Exchange%20is%20up%20to%20Rollup%2021.%20%26nbsp%3B%20.NET%20frame%20is%20up%20to%202018-05%20Security%20Rollup%20(KB4099633)%26nbsp%3B%20Server%20Windows%202008%20R2%20is%20at%202018-06.%20Attempted%20to%20install%20the%20TLS%20.net%20update%20and%20does%20not%20apply%2C%20probably%20as%20the%20installed%20version%20is%20newer%20than%20this%20patch.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20did%20find%20the%20registry%20keys%20and%20enabled%20TLS%201.2%20(enabled%3A1)%20and%20applying%20the%20Rollup%2022%20now.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-221767%22%20slang%3D%22en-US%22%3ERe%3A%20TLS%201.0%20Issue%20with%20Hybrid%20Connectors%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-221767%22%20slang%3D%22en-US%22%3E%3CP%3EMaybe%20related%20to%20this---%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fblogs.technet.microsoft.com%2Fexchange%2F2018%2F01%2F26%2Fexchange-server-tls-guidance-part-1-getting-ready-for-tls-1-2%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fblogs.technet.microsoft.com%2Fexchange%2F2018%2F01%2F26%2Fexchange-server-tls-guidance-part-1-getting-ready-for-tls-1-2%2F%26nbsp%3B%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EExchange%20Server%20TLS%20guidance%2C%20part%201%3A%20Getting%20Ready%20for%20TLS%201.2%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3E%3D%3D%3D%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Regular Contributor

Noticed the following messages in the Report Dashboard 

 

"Your connector "INBOUND FROM xxx" has 100% of 254 average daily messages being sent with TLS1.0."

 

"Your connector "INBOUND FROM xxx" has 100% of 254 average daily messages being sent with TLS1.0."

 

Our On-Premise Exchange Server (2010) is patched and up-to-date. Has a valid CERT.   What am I missing?  Thanks. 

2 Replies
Highlighted

Maybe related to this---

https://blogs.technet.microsoft.com/exchange/2018/01/26/exchange-server-tls-guidance-part-1-getting-...

 

 

Exchange Server TLS guidance, part 1: Getting Ready for TLS 1.2

 

 

===

Highlighted

Server (2008 R2) already has all of the most recent pages or at least to the published date of this article.  Exchange is up to Rollup 21.   .NET frame is up to 2018-05 Security Rollup (KB4099633)  Server Windows 2008 R2 is at 2018-06. Attempted to install the TLS .net update and does not apply, probably as the installed version is newer than this patch. 

 

I did find the registry keys and enabled TLS 1.2 (enabled:1) and applying the Rollup 22 now.