Microsoft to retire TLS 1.0 and 1.1 from 15 October 2020 – How does that affect customers running Microsoft NAV?
Microsoft has now set October 15, 2020 as the date it will enforce the deprecation of the legacy Transport Layer Security (TLS) web protocols TLS 1.0 and 1.1 in Office 365.
Customers are urged to adopt TLS 1.2 in preparation for future downgrade attacks that exploit backward compatibility for older protocols under a plan that Microsoft announced in 2018 to retire TLS 1.0 and 1.1 in early 2020.
Microsoft noted that the effect of the change is expected to be “minimal” given the protocol’s deprecation has been known since 2017, but has this been left too late for Microsoft NAV customers?
Microsoft recommends that all client-server and browser-server combinations use TLS 1.2 (or a later version) in order to maintain connection to Office 365 services. You might have to update certain client-server and browser-server combinations.
Microsoft has already begun deprecation of TLS 1.0 and 1.1 as of January 2020. Any clients, devices, or services that connect to Office 365 through TLS 1.0 or 1.1 are unsupported.
The following clients are known to be unable to use TLS 1.2. Update these clients to ensure uninterrupted access to the service:
- Android 4.3 and earlier versions
- Firefox version 5.0 and earlier versions
- Internet Explorer 8-10 on Windows 7 and earlier versions
- Internet Explorer 10 on Windows Phone 8
- Safari 6.0.4/OS X10.8.4 and earlier versions
For all NAV customers running older versions of the application, it is imperative to ensure you are on a Cumulative update that supports TLS1.2. Especially if your NAV system connects directly to Office 365.
Dynamics NAV supports TLS1.2 from the following versions (using the SecurityProtocol setting on the config file of the server):
Version/TLS 1.2 support added
- Dynamics NAV 2015/Cumulative update 43
- Dynamics NAV 2016/Cumulative update 31
- Dynamics NAV 2017/Cumulative update 18
- Dynamics NAV 2018/First release (RTM)