Forum Discussion
Solved
Office365 connectivity test:
when running office365 network checker, I get:
"Unable to connect to origin. Inner exception message:
The SSL connection could not be established, see inner exception." pops up immediately.
3rd party apps work fine. I am writing this on the machine.
I suspect it is a certificate issue or HTTPS issue with Microsoft?
Windows 11 22h2 has issues as well. Microsoft store error 0x800704cf
windows update/defender updates error
Feedback Hub: error (I was on beta build of 22h2. I upgraded to official 22h2, same issue)
windows update: error 8000704cf
windows 22h2 upgrade didn't fix it
no hosts. file
disabled all 3 firewall profiles
ran 4 online scanners for rootkits and such
Malwarebytes no problems
boot to safe mode - same issue
logged in as admin same issue
reset network from windows, no joy
tried 1.1.1.1 DNS, tried ISP default fiber DNS.
ran checkdsk, SFC /scannow, DISM no errors
this is a prod system running VMs and many services. reinstalling windows is last resort.
any advice is GREATLY WELCOME
Hi CocoKola, could you please help me with the following 3 questions?
1. Is TLS 1.2 protocol disabled on your machine?
M365 connectivity test tool service requires TLS 1.2 to establish SSL connections. You may check that on your registry editor to see if it's disabled. You could search "Registry Editor" in the taskbar and open it, then navigate to the following path:
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols
TLS 1.2 should be enabled to use M365 Connectivity Test Tool .exe client.
2. Are the following two cipher suite on your machine?TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (
0xc030)
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)Cipher suite can also be checked in Registry Editor. The path is:
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\CipherSuite
Those two cipher suites are required by the connectivity test tool service.
3. is .NET Desktop Runtime 6 installed on the machine?
This shouldn't be the reason for the SSL connection failure but I see the exception code 0xe0434352 in the crash log you provided in the comment on May 21st, so just want to double-confirm. Is the crash log below from the issue in the original post saying "Unable to connect to origin. Inner exception message: The SSL connection could not be established, see inner exception" shows when executing the rich client?
If the TLS and cipher suites configuration are unknown, you can also try to enable them on the machine using this software or modify the registry through the Registry Editor and see if the issue can be resolved.
The software is NARTAC which can be downloaded from:
https://www.nartac.com/Products/IISCrypto/DownloadNo installation requires. Checking the needed TLS protocol and Cipher Suite should work.
Are you saying Microsoft 365 network connectivity test tool? If yes, may refer to assistant for the setup:
The Office365 connectivity test ensures seamless connectivity and functionality for Seattle executive search [hyperlink removed by admin] firms, enhancing productivity and efficiency in their daily operations.
Friendly reminder: Please refrain from posting third-party links to unrelated or self-promotional content as it violates our Code of Conduct and Tech Community Guidelines.
Thanks,
Meenah
Microsoft 365 Community Manager
- The Microsoft 365 network connectivity test tool, yes. It does work. When I download the executable THAT app crashes. So I was wrong about access to Microsoft servers as per that tool, but I am trying to troubleshoot my other issues.
here is the crash log:
Faulting application name: Connectivity.52f1ec02-387d-4e1e-bb6d-93bb7da4a004.exe, version: 1.9.79.0, time stamp: 0x641cef7e
Faulting module name: KERNELBASE.dll, version: 10.0.22621.1635, time stamp: 0x61869dd2
Exception code: 0xe0434352
Fault offset: 0x000000000006536c
Faulting process id: 0x0xB848
Faulting application start time: 0x0x1D98B4A5AA3BC3C
Faulting application path: C:\Users\robpr\Downloads\Connectivity.52f1ec02-387d-4e1e-bb6d-93bb7da4a004.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: a61dc202-efe7-4896-9ec6-d4080a8973cd
Faulting package full name:
Faulting package-relative application ID:
My overall question still stands, diving deeper into what is causing the system not to connect.
I have used tcpip view to verify there are no unanswered connection attempts. Further, Process monitor is showing no issues either.
What am I missing?
dingxinMicrosoft
Hi CocoKola, could you please help me with the following 3 questions?
1. Is TLS 1.2 protocol disabled on your machine?
M365 connectivity test tool service requires TLS 1.2 to establish SSL connections. You may check that on your registry editor to see if it's disabled. You could search "Registry Editor" in the taskbar and open it, then navigate to the following path:
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols
TLS 1.2 should be enabled to use M365 Connectivity Test Tool .exe client.
2. Are the following two cipher suite on your machine?TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (
0xc030)
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)Cipher suite can also be checked in Registry Editor. The path is:
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\CipherSuite
Those two cipher suites are required by the connectivity test tool service.
3. is .NET Desktop Runtime 6 installed on the machine?
This shouldn't be the reason for the SSL connection failure but I see the exception code 0xe0434352 in the crash log you provided in the comment on May 21st, so just want to double-confirm. Is the crash log below from the issue in the original post saying "Unable to connect to origin. Inner exception message: The SSL connection could not be established, see inner exception" shows when executing the rich client?
If the TLS and cipher suites configuration are unknown, you can also try to enable them on the machine using this software or modify the registry through the Registry Editor and see if the issue can be resolved.
The software is NARTAC which can be downloaded from:
https://www.nartac.com/Products/IISCrypto/DownloadNo installation requires. Checking the needed TLS protocol and Cipher Suite should work.
