SharePoint Support for Disabling SSL 3.0 and TLS 1.0

Update 7/1/2016: TLS 1.1 and TLS 1.2 are now supported for SharePoint 2010 and 2013.

SharePoint 2010 2013 relies on an old default: SSL 3.0 and TLS 1.0 for secure communication. While you can disable SSL 3.0 on SharePoint servers, you cannot disable TLS 1.0.

A .NET hotfix was add support for TLS 1.1 and TLS 1.2 in the .NET 4.5 Framework, but this requires rebuilding the application that relies on the .NET framework in order to use the new protocols – not something that will happen with SharePoint 2013.

Current versions of SQL Server also have the same limitation when using encrypted connections (which you should be).

So, disable SSL 3.0 on your SharePoint servers, but leave TLS 1.0 enabled. I created a Group Policy ADMX file to help with this in mass-deployments.

Trevor Seward is a Microsoft Office Apps and Services MVP who specializes in SharePoint Server administration, hybrid scenarios, and SharePoint Online. He has been working with SharePoint for 16 years from SharePoint 2003 on up, managing environments with terabytes of content for 150,000+ user organizations. Trevor is an author of Deploying SharePoint 2016 and Deploying SharePoint 2019. You can find him on Twitter and in /r/sharepoint.