Please be aware that Microsoft now also requires use of TLS 1.2 to connect to Office 365 services after March 1, 2018. That change may require you to check and update your code on your client applications.
On March 1, 2018, Microsoft Office 365 will disable support for TLS 1.0 and 1.1. https://t.co/XBnlEPNBF9
— NIERO@net e.K. (@nieronet) 20. Dezember 2017
Browser Support
Most of current browsers already have build-in support for TLS 1.2 for several years. But If you still use Windows 7, you may consider an upgrade as Internet Explorer 10 does not support TLS 1.2. The following browsers DO NOT support TLS 1.2 and will stop working with Office 365 services
- Internet Explorer 10
- Google Chrome 29
- Firefox 26
- Internet Explorer 10
- Safari 8
iOS 4 and Android 4 do not support TLS 1.2 so you also may consider to upgrade your mobile or replacement it in time.
See also https://www.ssllabs.com/ssltest/clients.html
.NET suppport for TLS 1.2
API library support for TLS1.2 should be verified. If you have code that connects with Office 365, Graph API or REST API, you must ensure that it will continue to
work after March 1, 2018. While your code may change the default behaviour, but as a learning from the requirements
to PCIDSS we’ve identified the following popular librarties that may be of concern.
- .NET 4.7 and 4.6: TLS 1.2 is used by default. Typically no changes are required.
- .NET 4.5: The SecurityProtocolType must to be changed to Tls12 (using the SecurityProtocol Setter), see also
- .NET 4.0: TLS 1.2 is supported, but there’s no named SecurityProtocoltype enumeration like in .NET 4.5. Use 3072 instead.
- .NET 3 and below: As far as I know there is no support for TLS 1.2; you must must be upgrade your library.
Also read “Support for TLS System Default Versions included in the .NET Framework 3.5 on Windows Server 2012” on the Microsoft website.
Hybrid Exchange or Sharepoint, AD FS, other apps
This change may also affect your applications like Hybrid Exchange Server, AD FS on Windows Server 2008 and others. While I do not expect you to have trouble on that applications, you may take the chance to check your SSL configuration on your operating system / IIS setup.
Double check the registry settings mentioned on https://technet.microsoft.com/en-us/library/dn786418(v=ws.11).aspx for that.
Resumee
Most of you may already have updated your code in financial apps to support TLS 1.2 for security reasons. In order to get a seamless user experience in your applications you should check your own Office 365 apps now. If you need further support on how to analyze your application pool, feel free to contact me for support.