cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Do we need to update Windows 7 once TLS 1.2 is mandatory for Office 365?

wroot
Silver Contributor

‎Jan 19 2018 06:01 AM

‎Jan 19 2018 06:01 AM

Do we need to update Windows 7 once TLS 1.2 is mandatory for Office 365?

We have a lot of Windows 7 computers using Office 365 client, OneDrive, Skype for Business. We use latest Monthly channel version of Office (2016). Do we have to install TLS 1.2 enabling update and make registry changes described here https://support.microsoft.com/en-us/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-a-default-s... Or will  Office 365 apps work correctly without it once TLS 1.2 is mandatory?

Labels:
3,748 Views
0 Likes
3 Replies
Reply
3 Replies
Cian Allner

‎Jan 19 2018 07:15 AM

‎Jan 19 2018 07:15 AM

Re: Do we need to update Windows 7 once TLS 1.2 is mandatory for Office 365?

It's a good question, I don't think so though, I have read up on the material in relation to Office 365 and TLS 1.2 mandatory use (which could be clearer) and this only seems to apply to very specific on-prem, hybrid sort of workloads.  The Message center post and support article talks about this and not much else:

 

"If you are using any on-premises infrastructure for hybrid scenarios or Active Directory Federation Services, make sure that these infrastructures can support both inbound and outbound connections that use TLS 1.2."

 

Office 365 ProPlus should be fine, after all for example Internet Explorer 11 has supported TLS 1.2 out of the box by default since 2013! For peace of mind, I probably would suggest opening a service request and get Microsoft to confirm for sure.

2 Likes
Reply
wroot

‎Jan 19 2018 10:50 AM

‎Jan 19 2018 10:50 AM

Re: Do we need to update Windows 7 once TLS 1.2 is mandatory for Office 365?

Thanks for the reply. I have opened a request today (as well as asking by providing feedback on the message center message, no reply though). But i doubt i will get a useful response. Based on my experience with Office 365 support it seems that they only work with a limited list of FAQ and anything outside of it gets "it's out of our scope" response..

 

I came to the same conclusion that this update only covers specific scenarios (like hybrid one) and older apps, which are not negotiating TLS on their own and use system's available mechanism. I guess Office 365 ProPlus should be good (same as IE11). When i check traffic on my PC i see TLS 1.0 and TLS 1.2 connections going to MS servers (using Office, Skype, OneDrive). As TLS 1.2 is disabled on Windows 7, it looks like apps are negotiating it on their own without problems. But TLS 1.0 is still in use for some reason (maybe handshakes). Btw, we do use AD Connect to sync AD users to Azure AD. But AD Connect is up to date and on Windows Server 2012, so there shouldn't be problems with it connecting with Azure. We also use SMTP to relay messages from internal systems to Exchange Online. I only see TLS 1.2 in traffic to EO servers from our SMTP (IIS on WS2012). So it seems it is also ok.

 

All in all, i feel that we most probably don't have to do anything. But i'm still a bit worried if i'm not overlooking something.

0 Likes
Reply
best response confirmed by wroot (Silver Contributor)
wroot

‎Jan 26 2018 12:09 AM

‎Jan 26 2018 12:09 AM

Solution

Re: Do we need to update Windows 7 once TLS 1.2 is mandatory for Office 365?

So, at first support engineer just provided me the same link about preparing to TLS 1 disabling. When i have provided him my arguments and doubts, he has discussed this with other technical staff and then replied that we don't need to update.

 

Well, i think there is still a chance something was misunderstood, but at least i now have an official answer. My chief will have a final decision about this though.

1 Like
Reply
1 best response

Accepted Solutions
best response confirmed by wroot (Silver Contributor)
wroot

‎Jan 26 2018 12:09 AM

‎Jan 26 2018 12:09 AM

Solution

Re: Do we need to update Windows 7 once TLS 1.2 is mandatory for Office 365?

So, at first support engineer just provided me the same link about preparing to TLS 1 disabling. When i have provided him my arguments and doubts, he has discussed this with other technical staff and then replied that we don't need to update.

 

Well, i think there is still a chance something was misunderstood, but at least i now have an official answer. My chief will have a final decision about this though.

View solution in original post

1 Like
Reply