Sign in with Microsoft
Sign in or create an account.
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.


Transport Layer Security (TLS) negotiation happens in an earlier version of Microsoft Exchange Server 2016. This causes an error Event ID 30 to be logged under CIAPI2 in the Event Viewer and incurs an unnecessary TLS cost. After you apply this update, you can enable the UseAscReqNoToken by editing the “MSExchangeFrontendTransport.exe.config” file.


In datacenter edition of Windows Server, there's an option that doesn't require tokens during TLS security negotiation. It's controlled by a flight that's not enabled in Standard edition of Windows Server.

How to get this update

To get this update, install Cumulative Update 11 for Exchange Server 2016 or a later cumulative update for Exchange Server 2016.

To enable the UseAscReqNoToken, follow these steps:

  1. Locate the MSExchangeFrontEndTransport.exe configuration file.

    Note By default, this file can be found in the following location:


  2. Add the following line under <appSettings>: … <appSettings> // Add the following line. <add key="SmtpReceiveUseAscReqNoTokenDuringTlsNegotiation" value="true" /> // End of the added line. …

  3. Save the changes, and then restart the Front End Transport service on the server.


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.


Learn about the terminology that Microsoft uses to describe software updates.

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Was this information helpful?

What affected your experience?
By pressing submit, your feedback will be used to improve Microsoft products and services. Your IT admin will be able to collect this data. Privacy Statement.

Thank you for your feedback!