1. Home
  2. E-mail Tutorials
  3. How to Enable TLS 1.2 in Outlook (Windows 7)

How to Enable TLS 1.2 in Outlook (Windows 7)

TLS Protocol Version 1.0 is not secure and as a result, needs to be disabled on servers that offer PCI compliance. All of our servers are PCI Compliant-ready and therefore we have disabled it across our entire hosting platform.

Currently, we only support TLS 1.2.

If you’re using Windows 7 and Windows 8.0, applications built using WinHTTP such as Microsoft Outlook, Word, etc will only support TLS 1.0.

Since this protocol is no longer secure and is now disabled, if you try and establish a secure connection using your Outlook e-mail client to the GreenGeeks mail server, Outlook will display an error message similar to the one below:

“Your server does not support the connection encryption type you have specified.”

To resolve this issue and allow Outlook to communicate securely to the GreenGeeks mail server using TLS 1.2, you will have to follow these instructions.

Install the KB3140245 Update

Before you start, you will need the KB3140245 patch required for your operating system. You can get it by going to the Microsoft Update Catalog.

Click the “Download” button for your OS. As you can see, this patch is needed for Windows 7, 8 and Server 2008 and 2012.
Download

Make sure you’re getting the correct file. You will see that Windows 7 has two available files. These are for 32 and 64-bit systems. Download the one that matches your version of Windows.

Once you download the file, install it.

download-install

However, you may already have this file if updates are current in Windows. It’s usually in the Optional section as it’s not necessarily needed to run the computer.

It’s probably a good idea to see if it’s already listed and update the file from Windows Updates.

Registry Editing Method 1: Using Easy Fix

If you don’t want to root around in the system’s registry, and I don’t blame you for not, you can always use the “Easy Fix” application. You can find this on Microsoft’s website, and it will do all the changes for you automatically.

Go to the Microsoft website and click “Download” under Easy Fix.
Easy Fix

You may have to scroll down the page a bit to see the download button.

Run the application and follow its instructions.

run application

Registry Editing Method 2: Editing The Registry

For this tutorial, we’ll edit the registry of Windows. Although this is a delicate process, it’s not overly difficulty. As long as you follow the instructions precisely, you’ll have nothing to worry about.

Open the Registry Editor

Click the Start button on the bottom left.

click start button

Click the option to “Run”. This will open a new small window with a text field.

run

Type regedit in the field and click, “OK.”
regedit

Adding the DWORD Value

Look for this entry in the Regedit screen:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp

Regedit Entry

Create a DWORD value Called DefaultSecureProtocols.

create dword

Set the value of this to: 0xA00

set value

Now look for this entry:

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp

look entry

Create a DWORD value Called DefaultSecureProtocols.

create dword value

Set the value of this to: 0xA00

set value this

Look for this value in the registry:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client

value registry

Create DisabledByDefault DWORD and set the value to: 0.

set value 0

Reboot the Computer

Once your values are placed and saved in Regedit, reboot the computer. Your settings will be live once the system restarts.

Keep Your Email Secure

Any security is better than none at all. Using TLS helps by giving you a layer of protection to keep your data safe. It’s not only email fraud that will cost your business in the long run.

Do what you can to make your email harder to access by the criminal element.

Author: Kaumil Patel

Kaumil Patel is the Chief Operating Officer of GreenGeeks and has over 13 years of experience in the web hosting industry working for and owning web hosting companies. Kaumil’s expertise is in marketing, business development, operations, acquisitions and mergers.

Updated on September 12, 2018

Was this article helpful?

Related Articles

Comments

  1. I am trying this method but when I go to Schannel\protocols I only see SSL v2.0 listed. Any ideas as to why this is happening?

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.