How to enable TLS v1.1 and v1.2 in Outlook on Windows 7
Version 1.0 of the TLS protocol is not secure.
As such it needs to be disabled on servers which want to have a PCI compliance. To comply with PCI DSS we have disabled TLS v1.0 on our server.
On Windows 7 and Windows 8.0 computers, the applications built on WinHTTP (Windows HTTP Services) such as Outlook, Word, etc. only support TLS v1.0. As a result of this, if you try to establish a secure connection from your Outlook client to our server, Outlook will throw an error message “Your server does not support the connection encryption type you have specified.“.
In order to resolve this and allow your Outlook to communicate securely to our server using TLS v1.1 and TLS v1.2, you have to do the following:
- Install the Windows update KB3140245, either through Windows Update where it is available as an Optional Update, or download it from the Microsoft Update Catalog (http://www.catalog.update.microsoft.com/search.aspx?q=kb3140245).
- Download the file MicrosoftEasyFix51044.msi from the following page and install it on your computer: https://support.microsoft.com/en-us/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-a-default-secure-protocols-in. The file is available for download in the section labeled Easy fix on the above mentioned page. If the easy fix option is not suitable for you and you prefer to edit the registry of your computer manually, the article also provides that information in section “How the DefaultSecureProtocols registry entry works.”.