M365 Changelog: Reminder: Disabling TLS 1.0 and TLS 1.1 in Microsoft 365

MC240160 – Updated May 12, 2021: Microsoft has updated this post with additional details and resources.

In the upcoming days, Microsoft will be completing the changes to disable TLS1.0/1.1 protocols for OneDrive and SharePoint in M365 as they have previously communicated via multiple Message Center posts. If you experience any of the following error messages, It might be related to this change. Please take immediate action to complete the remediation steps as soon as possible to avoid usage interruption. Here is a list of common error codes likely caused by incomplete remediation to prepare for the TLS enforcement change.

This message post is a reminder of the ongoing progress of retiring TLS 1.0 and TLS 1.1 protocols in Microsoft 365.

As previously communicated (MC126199 in Dec 2017, MC128929 in Feb 2018, MC186827 in July 2019, and MC218794 in July 2020), Microsoft is moving all their online services to Transport Layer Security (TLS) 1.2+ to provide best in class encryption, and to ensure our services is more secure by default. The changes to enforce TLS1.2+ in Microsoft’s service started on October 15, 2020 and will continue to propagate through all Microsoft 365 environments for the next few months. If you have not taken steps to prepare for this change, your connectivity to Microsoft 365 might be impacted.

Note: If your organization has already taken steps to migrate from TLS 1.0 and 1.1, you can safely disregard this message

Key Points:

  • Major: Retirement of TLS1.0/1.1 protocols. All requests with TLS1.0/1.1 to Microsoft 365 will no longer work.
  • Timing: Started October 15, 2020
  • Action: update or replace client devices as appropriate

How this affects your organization:

Once this change takes effect, all connections to Microsoft 365 using the protocols TLS 1.0 and TLS 1.1 will no longer work. In addition, .NET applications executed using the .NET 4.5 runtime are a common set of applications that are impacted as .NET 4.5 defaults to TLS 1.1, however any application that calls into Microsoft 365 API’s using TLS 1.0 or TLS 1.1 will be impacted.

What you should do to prepare:

Update or replace clients and devices that rely on TLS 1.0 and 1.1 to connect to Microsoft 365.

Update and configure the .NET Framework to support TLS 1.2+.

Additional information