Follow-up on TLS 1.2 issue in Dynamics 365

Recently there have been lots of posts and incidents because of Dynamics 365 v9.0 enforcing TLS 1.2

To resolve this i.e. enforcing your application to connect through TLS 1.2 there are various options available out there.

I have tried to list down all the options I came across in this code


If you are having source code that you are building you can use on of the options available below:

1. Use  following before your connection request is made. This will enforce TLS 1.2

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

2. Change your framework version to 4.6 or above and you don’t need to additional work (or line of code highlighted above)

A quick summary of .Net framework and TLS Support

.Net Framework TLS Support
.Net 4.6 and above TLS 1.2 is supported by default
.Net 4.5 TLS 1.2 is supported you can use first solution to use it.
.Net 4.0 TLS 1.2 is not supported by framework but you can still use it with enum value is server has framework 4.5 or above installed
ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;
.Net 3.5 or below Was not supported earlier but there is a patch to get it working



Other scenario can be that you have a prebuilt application and none of the solutions highlighted above works (in this case a plugin registration tool)

1.  You can resolve it by adding the following line to the <runtime> section of the app.config file (provided that application is built against supported .Net framework):

<AppContextSwitchOverrides value="Switch.System.Net.DontEnableSchUseStrongCrypto=false"/>


In case you have multiple applications running on a server (compiled in version supporting TLS 1.2) you can do registry edit to enforce all applications on server to utilize highest possible version. Be careful with this fix as it might cause negative impacts on other applications.





Reference blogs:

1 Comment

  1. Sumit Pal Singh

    I stumbled upon your blog and found it very helpful.

    Thanks, happy blogging 🙂



Leave a Reply

Your email address will not be published. Required fields are marked *