question

AareSrinivasPatel-7691 avatar image
0 Votes"
AareSrinivasPatel-7691 asked CaseyYangMSFT-4714 commented

Sharepoint 2016 TLS 1.2 enabling

Hi

Could you please any one help out to configure/Enable TLS 1.2 for SharePoint 2016 .
Network guy installed the TLS into the server, after this i not able access SharePoint site showing below error message
i.e

" Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to <https://siteurl> again. If this error persists, it is possible that this site uses an unsupported protocol or cipher suit such as RC4, which is not considered secure. Please contact site administrator. "

I have done with advance settings from browser side but not resolved .


Can please advice what is the process to do fix this issue ?


Regards
Srinivas Are

office-sharepoint-server-administrationoffice-sharepoint-server-development
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

UmrF avatar image
0 Votes"
UmrF answered UmrF commented

TLS 1.2 must be enabled your SP servers for TLS 1.2 to work. In addition to enabling TLS 1.2 make sure you have this key available as well on SP server.

$registryPath = "HKLM:\SOFTWARE\Microsoft.NETFramework\v4.0.30319"
$Name = "SchUseStrongCrypto"
$value = "1"
New-ItemProperty -Path $registryPath -Name $name -Value $value -PropertyType DWORD -Force | Out-Null

$registryPath = "HKLM:\SOFTWARE\Wow6432Node\Microsoft.NETFramework\v4.0.30319"
$Name = "SchUseStrongCrypto"
$value = "1"
New-ItemProperty -Path $registryPath -Name $name -Value $value -PropertyType DWORD -Force | Out-Null


you can also use this utility to enable TLS 1.2 on server.
https://www.nartac.com/Products/IISCrypto



· 4
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.


Hi UmrF,

Thank so much for your response,

Above mentioned Keys already available , even same error like

" Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to <https://siteurl> again. If this error persists, it is possible that this site uses an unsupported protocol or cipher suit such as RC4, which is not considered secure. Please contact site administrator. "

Could you please advise is there any other way fix this issue ?

Regards
Srinivas Are




0 Votes 0 ·
UmrF avatar image UmrF AareSrinivasPatel-7691 ·

1- Make sure you use the tool shared above and it shows that TLS 1.2 is enabled.
https://www.nartac.com/Products/IISCrypto

2- Make sure setting in IE are checked:

Go to IE > Intern Options > Advanced> Use TLS 1.0 is checked.
Go to IE > Intern Options > Advanced> Use TLS 1.1 is checked.
Go to IE > Intern Options > Advanced> Use TLS 1.2 is checked.
Go to IE > Intern Options > Advanced> Use SSL 3.0 is checked.

0 Votes 0 ·

Hi UmrF,

1- Make sure you use the tool shared above and it shows that TLS 1.2 is enabled
-- >Customer not recommended to install any third party tools.
Can you advise any other way to check this ?

2- Make sure setting in IE are checked:

Go to IE > Intern Options > Advanced> Use TLS 1.0 is checked.
Go to IE > Intern Options > Advanced> Use TLS 1.1 is checked.
Go to IE > Intern Options > Advanced> Use TLS 1.2 is checked.
Go to IE > Intern Options > Advanced> Use SSL 3.0 is checked.


  • > These are all checked in IE


what are areas i should check and troubleshoot here ?

Regard
Srinivas Aare




0 Votes 0 ·
Show more comments
CaseyYangMSFT-4714 avatar image
0 Votes"
CaseyYangMSFT-4714 answered CaseyYangMSFT-4714 commented

Hi @AareSrinivasPatel-7691,

Please go into IIS on your web server check the site Binding.

Check whether you selected SSL certificate or not. You have to select proper wildcard certificate.

140387-1.png

For Reference: Quick Tip To Resolve “Turn on TLS” Error with SharePoint On-Premises
Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.


If an Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.




1.png (6.1 KiB)
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi
CaseyYangMSFT-4714

Thanks for your advice, I went to IIS and changed SSL certificate for each website, still i can see same error message

Could you please , what are the place i should check and do an action accordingly.

" Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to <https://siteurl> again. If this error persists, it is possible that this site uses an unsupported protocol or cipher suit such as RC4, which is not considered secure. Please contact site administrator. "


Regards
Srinivas Are

0 Votes 0 ·
CaseyYangMSFT-4714 avatar image CaseyYangMSFT-4714 AareSrinivasPatel-7691 ·

Hi @AareSrinivasPatel-7691,

Find this simiar issue with the same error message for reference: SharePoint Online GetAppOnlyAuthentication suddenly stopped working


0 Votes 0 ·