Hey Yall…. Seems like MS are forcing TLS 1.2 or above on SMTP connections and other O365 web based authentication services that connect to Azure, if you get an error like:
System.Web.Services: System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. —> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. —> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
Then try applying these reg entries that force > TLS 1.2 connections on 32 bit and 64 bit .Net v2.0.50727 which is what the MIM portal users….the later versions seemed to be forced already. They also get applied as part of a hardening GPO but its name escapes me ATM.
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
MS have been phasing it on on SMTP connections via the term they call speedbump