Mailbox auditing fails when you use SHA1Managed in Exchange Server 2019 and 2016

Applies to: Exchange Server 2019Exchange Server 2016


In some scenarios, you should follow FIPS (Federal Information Processing Standards) to encrypt the data. If FIPS enforcement is enabled, data can be encrypted by using only FIPS compliant implementations. When you enable mailbox audit logging in Microsoft Exchange Server 2019 or Exchange Server 2016, the SHA1Managed implementation will be used to encrypt the data. Therefore, mailbox auditing fails, and you receive the following error message:
System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.


To fix this issue, install one of the following updates:


Learn about the terminology that Microsoft uses to describe software updates.