Scenario
You are installing the Exclaimer Exchange Transport Agent and the Windows Event Viewer displays the following error:
Exclaimer.Exchange.TransportAgent.Configuration.ImprintFesConfigDownloader
The Exclaimer Cloud Transport Agent has failed to update the configuration settings defined by Exclaimer.
An error occurred while sending the request.
The update will be tried again at <Date><Time>.
Correlation ID: 40112e96-1d58-4026-8de0-179cac4c56e6
System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.
Resolution
The error shows that the configuration has failed and the signature will not be applied. To resolve this issue, manually configure the Transport Layer Security (TLS) protocols.
We strongly advise you to back up the Windows registry before any modifications are made - in doing so, you will have the option to restore the backup if a problem occurs.
For more information, see How to back up and restore the registry in Windows.
Please click on the required options listed below to go through the detailed description:
Make sure all Windows updates have been installed.
For more information, see Exchange Server TLS guidance, part 1: Getting Ready for TLS 1.2
- From Notepad.exe, create a text file and name it TLS12-Enable.reg.
- Copy then paste the following text:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
"DisabledByDefault"=dword:00000000
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]
"DisabledByDefault"=dword:00000000
"Enabled"=dword:00000001 - Save the TLS12-Enable.reg file.
- Double-click the TLS12-Enable.reg file.
- Select Yes to update your Windows Registry with these changes.
- From Notepad.exe, create a text file and name it TLS1011-Disable.reg
- Copy then paste the following text:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client]
"DisabledByDefault"=dword:00000001
"Enabled"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server]
"DisabledByDefault"=dword:00000001
"Enabled"=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client]
"DisabledByDefault"=dword:00000001
"Enabled"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server]
"DisabledByDefault"=dword:00000001
"Enabled"=dword:00000000 - Save the TLS1011-Disable.reg file.
- Double-click the TLS1011-Disable.reg file.
- Select Yes to update your Windows Registry with these changes.
- From Notepad.exe, create a text file and name it NET-UseSchannelDefaults.reg
- Copy then paste the following text:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001 - Save the NET-UseSchannelDefaults.reg file.
- Double-click the NET-UseSchannelDefaults.reg file.
- Select Yes to update your Windows Registry with these changes.
- Restart your computer for the change to take effect.