SMTP is not transported over TLS 1.1 or TLS 1.2 protocol in an Exchange Server 2010 environment

Applies to: Exchange Server 2010 Service Pack 3Exchange Server 2010 EnterpriseExchange Server 2010 Standard

Symptoms


If you enable transport layer security (TLS) 1.1 or TLS 1.2 in a Microsoft Exchange Server 2010 environment, simple mail transfer protocol (SMTP) uses TLS 1.0 unexpectedly.

Cause


This issue occurs because of a hard-coded restriction that limits SMTP to use secure sockets layer (SSL) 3.0 and TLS 1.0 for transport.

Resolution


To resolve this issue, install the following update:

Note This update removes the hard-coded restriction so that SMTP sessions can negotiate with any SSL or TLS protocols that are enabled in the host operating system.

Status


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

More Information


For more information about TLS and SSL protocols, see What is TLS/SSL.
For more information about how to enable TLS 1.2 protocol in registry key, see TLS/SSL Settings.