I need to figure out what version TLS our lync environment is using, especially the edge servers.
Is it 1.2 or lower.
How can I determine the version?
Thanks
- Edited by rondefino Wednesday, September 02, 2015 1:21 AM
Technology Tips and News
I need to figure out what version TLS our lync environment is using, especially the edge servers.
Is it 1.2 or lower.
How can I determine the version?
Thanks
Hi
This will be a server setting rather than Lync setting. Lync will use all available protocols that the server has enabled. Therefore, you will need to disable SSL3 and TLS1.0 manually in the registry and enforce TLS 1.2 in the same manner. Reboot and the server will be only using 1.2
In Server 2012, 1.2 is enabled by default, but in 2008 and R2 you have to enable this
https://support.quovadisglobal.com/KB/a433/how-to-enable-tls-12-on-windows-server-2008-r2.aspx
To disable SSLv3 and 2
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server] "Enabled"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server] "Enabled"=dword:00000000
To disable TLS 1.0
HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders \SCHANNEL\Protocols\TLS 1.0 Enabled=dword:00000000
thanks
I don't see this setting on 2008R2. Do I need to add it to disable?
To disable TLS 1.0
HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders \SCHANNEL\Protocols\TLS 1.0 Enabled=dword:00000000