I woke up one morning and seen majority of my scripts started failing with error:
Exception calling “ExecuteQuery” with “0” argument(s): The underlying connection was closed
On troubleshooting, it was found these were all scripts where I have utilized SharePoint Client Object Model (CSOM).
After a thought I immediately pin pointed it to TLS 1.2 So I used below command that I have mentioned in the article.
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
This helped but for that particular session only but what we wanted is that it is defaulted to TLS1.2 for every session.
On researching, I have found the solution that will persist and is independent of the sessions on the machine.
Open Powershell and check which cryptography protocols are currently available
[Net.ServicePointManager]::SecurityProtocol
Now update the registry key by using below commands
Set-ItemProperty -Path ‘HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NetFramework\v4.0.30319’ -Name ‘SchUseStrongCrypto’ -Value ‘1’ -Type DWord
Set-ItemProperty -Path ‘HKLM:\SOFTWARE\Microsoft\.NetFramework\v4.0.30319’ -Name ‘SchUseStrongCrypto’ -Value ‘1’ -Type DWord
Restart PowerShell session: If you will check protocols again using
[Net.ServicePointManager]::SecurityProtocol
You will see tls12 in the list (these commands are forcing to utilize the higher encryption protocols)
This will resolve the issues related to tls1.2 permanently for all your scripts.
Reference found from: https://www.inflectra.com/Support/KnowledgeBase/KB510.aspx
Thanks for reading….
Tech Wizard
I hope this can be applied by GPO. Please let us know GPO settings as well
Thanks in Advance
Saurabh
As this is registry so there are many ways to push it.
Here are some articles that can guide on how to push via gpo or logon scripts..
https://www.itprotoday.com/data-security-and-encryption/how-use-group-policy-push-windows-registry-keys-end-users
https://techcommunity.microsoft.com/t5/ask-the-directory-services-team/deploying-custom-registry-changes-through-group-policy/ba-p/394878