Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocol support in SharePoint Server

**Summary:**This article describes the versions of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocol that SharePoint Server supports.

SharePoint Server supports the following versions of the TLS protocol:

  • TLS 1.0

  • TLS 1.1

  • TLS 1.2

  • SSL 3.0*

*Note that SharePoint Server 2016 does not fully support SSL 3.0. This is because SharePoint Server 2016 disables SSL 3.0 connection encryption by default for some, but not all features.

Important

We recommend completely disabling the SSL 3.0 protocol due to its security vulnerability. > For additional information on how to completely disable SSL 3.0, see the "Disabled SSL 3.0 in Windows For Server Software" and "Disabled SSL 3.0 in Windows For Client Software" sections in Microsoft Security Advisory 3009008

For information about how to enable TLS support, see:

SSL and TLS Protocols that can be disabled

SharePoint Server supports disabling the following versions of the SSL/TLS protocol:

  • TLS 1.0

  • TLS 1.1

  • TLS 1.2

  • SSL 3.0

Note

At least one of the following TLS protocols must remain enabled: TLS 1.0, TLS 1.1, or TLS 1.2.