How to Allow Outlook to Connect via TLSv1.1/TLSv1.2
Maybe you've tried the patches and registry edits and this did't work.
The problem apparently lies with Outlook’s interaction with Windows, and not in Outlook itself. (Mozilla’s Thunderbird actually works fine connecting to IMAP/POP via TLS1.1/1.2 (using STARTTLS) out of the box (even on WinXP!), but at the time of this writing it has a bug in it that won’t allow you to import your data from Outlook, which at least for now, probably makes switching from Outlook to Thunderbird not an option.)
On the client machine with Outlook on it, check this registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols
Under the Protocols key, add two new keys, if not already there: One called “TLS 1.1” and one called “TLS 1.2“.
Inside both of these keys, add another key called “Client“.
Now create a DWORD value in each Client key called “DisabledByDefault” whose value is 00000000.
Now restart the computer and then relaunch Outlook.
You should now be able to connect to that PCI compliant IMAP/POP server that’s only running TLSv1.1 and TLSv1.2 protocols. (That is, assuming you only disabled the SSLv3.0 & TLSv1.0 protocols themselves, and not their associated ciphers too when trying to pass certification! (You don’t want or need to do this, because TLSv1.1 uses the same ciphers as SSLv3.0, so disabling SSLv3.0 ciphers renders TLSv1.1 useless, and it doesn’t help your PCI compliance.
To help users simplify the steps we added a registry patch file.
Please download the winrar zip below in the attachment section.
- Enable TLS 1.x on Windows 7 / Windows 10 (Client)
Extract en run .reg file - restart system after running the reg file.
- Enable TLS 1.x on Windows 7 / Window 10 (Client / Server)
Extract en run .reg file - restart system after running the reg file.
*Use this configuration option at your own risk!
See related external article link: