Question

TLS error in Mail Sender connector using smtp.office365.com

  • 23 February 2022
  • 4 replies
  • 4955 views

Userlevel 3
Badge +8

Hi

our customer is getting TLS error since 2 weeks ago when trying to send e-mail from IFS9 UPD10 using smtp.office365.com SMTP server.

error is:

Error while sending data... 

Caused by: javax.mail.AuthenticationFailedException: 421 4.7.66 TLS 1.0 and 1.1 are not supported. Please upgrade/update your client to support TLS 1.2. Visit https://aka.ms/smtp_auth_tls. [GV3P280CA0114.SWEP280.PROD.OUTLOOK.COM]

 

can we reconfigure IFS somehow to force it use TLS 1.2 when communication with smtp.office365.com?

 

Neno

 


This topic has been closed for comments

4 replies

Userlevel 6
Badge +13

This issue you are having is not an IFS issue. Microsoft has ended support for Transport Layer Security 1.0 and 1.1 since 30th of March 2020. Now they  have started to disable TLS1.0 and TLS1.1 for the default SMTP AUTH endpoints as well. 

This is why you are getting an error while trying to send an email. This error is  not coming from IFS end, but due to the de-support of legacy TLS versions. As a solution, their suggestion is to enable TLS 1.2 or enable Legacy TLS using steps mentioned in below url.

https://techcommunity.microsoft.com/t5/exchange-team-blog/new-opt-in-endpoint-available-for-smtp-auth-clients-still/ba-p/2659652 

Can change the TLS settings with internet options on the VM.
Please request to refer below,

Internet explorer>Settings>internet options >Advaced tab and put the Use TLS 1.2 option.

Additionally, Can change as bellow in Register editor,

For TLS 1.2
Registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client
DWORD Name: DisabledByDefault
DWORD value: 0

Badge +1

I have been struggling with this. Both middleware and database servers are setup to use only TLS1.2, via registry and double checked with IIS crypto. Everytime I try to send mail, I get this error: Caused by: javax.mail.AuthenticationFailedException: 421 4.7.66 TLS 1.0 and 1.1 are not supported. Please upgrade/update your client to support TLS 1.2. Visit https://aka.ms/smtp_auth_tls.

We are on IFS Apps 9 UPD 7 or 8. As far as I understand from IFS Apps 8 TLS1.2 should be supported. What should I do to force TLS1.2?

Userlevel 3
Badge +8

Hi

I think that IFS9 is not compatible with TLS1.2 - you will have to follow instruction in https://aka.ms/smtp_auth_tls to solve this (set AllowLegacyTLSClients  and use legacy address smtp-legacy.office365.com)

 

Neno

 

Badge +1

There are quite many topics saying that since APPS8 version something TLS1.2 is supported. Charith’s response also suggests that it is only matter of configuring server to use correct TLS. I wonder which is now the case? Naturally my tests indicate that it is not supported.