SharePoint Support for Disabling SSL 3.0 and TLS 1.0

Update 7/1/2016: TLS 1.1 and TLS 1.2 are now supported for SharePoint 2010 and 2013.

SharePoint 2010 2013 relies on an old default: SSL 3.0 and TLS 1.0 for secure communication. While you can disable SSL 3.0 on SharePoint servers, you cannot disable TLS 1.0.

A .NET hotfix was add support for TLS 1.1 and TLS 1.2 in the .NET 4.5 Framework, but this requires rebuilding the application that relies on the .NET framework in order to use the new protocols — not something that will happen with SharePoint 2013.

Current versions of SQL Server also have the same limitation when using encrypted connections (which you should be).

So, disable SSL 3.0 on your SharePoint servers, but leave TLS 1.0 enabled. I created a Group Policy ADMX file to help with this in mass-deployments.

3 Comments

  1. which mean we cannot disable the TLS 1.0 at server will cause SharePoint 2013 not able to work ?

    am i get it right ?

  2. Pingback: SharePoint and SSL protocol supportability – The Soldier of Fortune

Leave a Reply