Preparing for the mandatory use of TLS 1.2 in Office 365 (Hybrid Configuration ONLY)

Preparing for the mandatory use of TLS 1.2 in Office 365 (Hybrid Configuration ONLY)


Consistent with our promise to provide best-in-class encryption to our customers, Microsoft is planning to enforce the use of TLS 1.2 soon in Office 365.

The Microsoft TLS 1.0 implementation has no known security vulnerabilities. Because of the potential for future protocol downgrade attacks and other TLS vulnerabilities, we are disabling the use of TLS 1.0 and 1.1 in the service.

This recently released TLS 1.0 whitepaper can help you to remove TLS 1.0 dependencies.

More Information

On March 1, 2018, Microsoft Office 365 will disable support for TLS 1.0 and 1.1. This means that, starting on March 1, 2018, all client-server and browser-server combinations must use TLS 1.2 or later protocol versions to be able to connect without issues to Office 365 services. This may require certain client-server and browser-server combinations to be updated.

Although current analysis of connections to Microsoft Online services shows that very few customers still use TLS 1.0 and 1.1, we are providing notice of this change so that you can update any affected clients or servers as necessary before support for TLS 1.0 and 1.1 is disabled. If you are using any on-premises infrastructure for hybrid scenarios or Active Directory Federation Services, make sure that these infrastructures can support both inbound and outbound connections that use TLS 1.2.


The following resources provide guidance to make sure that clients are using TLS 1.2 or a later version, and to disable TLS 1.0 and 1.1 proactively.


Contact us today for advice and help with Office 365