You are getting error message when trying to configure Microsoft Office on old machines like Windows 7, what will you do?

You tried to configure with SSL and without SSL, but the result says with error messages as follows.

Send test e-mail message: None of the authentication methods supported by this client are supported by your server.

or

Send test e-mail message: Your server does not support the connection encryption type you have specified. Try changing the encryption method. Contact your mail server administrator or Internet service provider (ISP) for additional assistance.

 

The reason for this issue is, your Windows machine was not updating since long time or it is not supporting TLS 1.1 and TLS 1.2.

The Resolution : Update to enable TLS 1.1 and TLS 1.2 as default secure protocols in WinHTTP in Windows.

 

This update provides support for Transport Layer Security (TLS) 1.1 and TLS 1.2 in Windows Server 2012, Windows 7 Service Pack 1 (SP1), and Windows Server 2008 R2 SP1.

About this update

Applications and services that are written by using WinHTTP for Secure Sockets Layer (SSL) connections that use the WINHTTP_OPTION_SECURE_PROTOCOLS flag can't use TLS 1.1 or TLS 1.2 protocols. This is because the definition of this flag doesn't include these applications and services.

This update adds support for DefaultSecureProtocols registry entry that allows the system administrator to specify which SSL protocols should be used when the WINHTTP_OPTION_SECURE_PROTOCOLS flag is used.

This can allow certain applications that were built to use the WinHTTP default flag to be able to leverage the newer TLS 1.2 or TLS 1.1 protocols natively without any need for updates to the application.

This is the case for some Microsoft Office applications when they open documents from a SharePoint library or a Web Folder, IP-HTTPS tunnels for DirectAccess connectivity, and other applications by using technologies such as WebClient by using WebDav, WinRM, and others.

This update requires that the Secure Channel (Schannel) component in Windows 7 be configured to support TLS 1.1 and 1.2. As these protocol versions are not enabled by default in Windows 7, you must configure the registry settings to ensure Office applications can successfully use TLS 1.1 and 1.2.

This update will not change the behavior of applications that are manually setting the secure protocols instead of passing the default flag.

How to get this update

Important If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

Method 1: Windows Update

This update is provided as a Recommended update on Windows Update. For more information about how to run Windows Update, see How to get an update through Windows Update.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

Update detail information

Prerequisites

To apply this update, you must install Service Pack 1 for Windows 7 or Windows Server 2008 R2.

There's no prerequisite to apply this update in Windows Server 2012.

Registry information

To apply this update, the DefaultSecureProtocols registry subkey must be added.
Note To do this, you can add the registry subkey manually or install the "Easy fix" to populate the registry subkey.

Restart requirement

You may have to restart the computer after you apply this update.

Update replacement information

This update doesn't replace a previously released update.

Easy fix

To add the DefaultSecureProtocols registry subkey automatically, click here. In the File Download dialog box, click Run or Open, and then follow the steps in the easy fix wizard.

Notes

  • This wizard may be in English only. However, the automatic fix also works for other language versions of Windows.

  • If you are not on the computer that has the problem, save the easy fix solution to a flash drive or a CD and then run it on the computer that has the problem.

 

Note In addition to the DefaultSecureProtocols registry subkey, the Easy fix also adds the SecureProtocols at the following location to help enable TLS 1.1 and 1.2 for Internet Explorer.

The SecureProtocols registry entry that has value 0xA80 for enabling TLS 1.1 and 1.2 will be added in the following paths:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings

Enable TLS 1.1 and 1.2 on Windows 7 at the SChannel component level

Per the TLS-SSL Settings article, for TLS 1.1 and 1.2 to be enabled and negotiated on Windows 7, you MUST create the "DisabledByDefault" entry in the appropriate subkey (Client) and set it to "0". These subkeys will not be created in the registry since these protocols are disabled by default.

Create the necessary subkeys for TLS 1.1 and 1.2; create the DisabledByDefault DWORD values and set it to 0 in the following locations:

For TLS 1.1

Registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client
DWORD name: DisabledByDefault
DWORD value: 0

For TLS 1.2

Registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client
DWORD name: DisabledByDefault
DWORD value: 0

Reference : https://support.microsoft.com/en-us/topic/update-to-enable-tls-1-1-and-tls-1-2-as-default-secure-protocols-in-winhttp-in-windows-c4bd73d2-31d7-761e-0178-11268bb10392

Was this answer helpful? 0 Users Found This Useful (0 Votes)

Most Popular Articles

Configuring an email account under your email client

Mail Client Manual Settings You can manually configure your mail client using the settings...
Tracking an email delivery

Track Delivery Review an email’s delivery route. This can be useful if you need to locate...