How to Enable TLS 1.2 in Outlook (Windows 7)

TLS Protocol Version 1.0 is not secure and as a result, needs to be disabled on servers that offer PCI compliance.

Currently, we only support TLS 1.2.

If you’re using Windows 7 and Windows 8.0, applications built using WinHTTP such as Microsoft Outlook, Word, etc will only support TLS 1.0.

Since this protocol is no longer secure and is now disabled, if you try and establish a secure connection using your Outlook e-mail client to the GreenGeeks mail server, Outlook will display an error message similar to the one below:[ht_message mstyle=”info” title=”” show_icon=”” id=”” class=”” style=”” ]“Your server does not support the connection encryption type you have specified.”[/ht_message]

To resolve this issue and allow Outlook to communicate securely to the GreenGeeks mail server using TLS 1.2, you will have to follow these instructions.

Install the KB3140245 Update

Before you start, you will need the KB3140245 patch required for your operating system. You can get it by going to the Microsoft Update Catalog.

Click the “Download” button for your OS. As you can see, this patch is needed for Windows 7, 8 and Server 2008 and 2012.

Make sure you’re getting the correct file. You will see that Windows 7 has two available files. These are for 32 and 64-bit systems. Download the one that matches your version of Windows.

Once you download the file, install it.

However, you may already have this file if updates are current in Windows. It’s usually in the Optional section as it’s not necessarily needed to run the computer.

It’s probably a good idea to see if it’s already listed and update the file from Windows Updates.

Registry Editing Method 1: Using Easy Fix

If you don’t want to root around in the system’s registry, and I don’t blame you for not, you can always use the “Easy Fix” application. You can find this on Microsoft’s website, and it will do all the changes for you automatically.

Go to the Microsoft website and click “Download” under Easy Fix.

You may have to scroll down the page a bit to see the download button.

Run the application and follow its instructions.

Registry Editing Method 2: Editing The Registry

For this tutorial, we’ll edit the registry of Windows. Although this is a delicate process, it’s not overly difficulty. As long as you follow the instructions precisely, you’ll have nothing to worry about.

Open the Registry Editor

Click the Start button on the bottom left.

Click the option to “Run”. This will open a new small window with a text field.

Type regedit in the field and click, “OK.”

Adding the DWORD Value

Look for this entry in the Regedit screen:[ht_message mstyle=”info” title=”” show_icon=”” id=”” class=”” style=”” ]HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp[/ht_message]

Create a DWORD value Called DefaultSecureProtocols.

Set the value of this to: 0xA00

Now look for this entry:[ht_message mstyle=”info” title=”” show_icon=”” id=”” class=”” style=”” ]HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp[/ht_message]

Create a DWORD value Called DefaultSecureProtocols.

Set the value of this to: 0xA00

Look for this value in the registry:[ht_message mstyle=”info” title=”” show_icon=”” id=”” class=”” style=”” ]HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client[/ht_message]

Create DisabledByDefault DWORD and set the value to: 0.

Reboot the Computer

Once your values are placed and saved in Regedit, reboot the computer. Your settings will be live once the system restarts.

Keep Your Email Secure

Any security is better than none at all. Using TLS helps by giving you a layer of protection to keep your data safe. It’s not only email fraud that will cost your business in the long run.

Do what you can to make your email harder to access by the criminal element.