TLS Issue on NAV2013
Microsoft recently decided to start disabling the Transport Layer Security protocols: TLS 1.0 and 1.1 on Microsoft 365 service. Due to this new policy, one of our clients who currently using NAV 2013 became unable to send email. Every time users try to send an email, they will get the error from SMTP Mail Server saying “Authentication failed because the remote party has closed the transport stream.”. If they try multiple times, the email will somehow get through.
NAV uses the server’s security protocol to send an email, and the NAV is currently sits on Windows Server 2008 R2 which by default does not support TLS1.2.
To solve this issue, we needed to find a way to enable TLS1.2 on Windows Server 2008 R2 by using Regedit (Registry Editor). Make sure you backup the registry first before attempting to do this. Also make sure that you have at least Microsoft .NET Framework 4.5.2 installed on the server.
First step is to turn on support for TLS 1.2 by creating TLS1.2 Server and Client folders in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\
For both folders, create a new DWORD value named DisabledByDefault and set the value to 0. Create again a new DWORD value named Enabled and set the value to 1.
Browse to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp. create a new DWORD value named DefaultSecureProtocols and set the value to 800. On a 64-bit version, you also need to do it on HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp.
Browse to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft.NETFramework\v4.0.30319. create a new DWORD value named SchUseStrongCrypto and set the value to 1. On a 64-bit version, you also need to do it on HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft.NETFramework\v4.0.30319 .
Once you finished with all the above steps, restart the server, and you can start sending email again from NAV without any error message.
Does this workaround would solve problem for accessing development environment 2013 connectivity issue as well?
i.e.,Issue of accessing the Nav Development Environment after we disable TLS 1.1 and TLS1.0 in the MSSQL server for the Navision system.
Not sure. You can try it.
Thanks for creating this post.
I have been struggling with this issue for days. I kept saying it was an infrastructure issue, while they kept saying it was a NAV issue and we weren’t getting anywhere until I saw this post. Sent your blog to them, so hopefully, we can put this issue to rest once in for all.
Glad to be able to help. 🙂
Did you able to sort this out?
Making those Regedits fixed the issue for us. No one has complained about that error message in days.
Thanks. 🙂
You saved me from recompiling a bunch of old code and re-deploying. Can’t thank you enough for this post.
Our client complained today they haven’t been getting their emailed reports for almost 2 weeks. The error was the same as you described above. I was hoping there was a registry hack, and then I found your post.
Even though I’m not dealing with Microsoft Dynamics, I was able to use your registry updates with great success.
Very thankful there are folks like you out there taking the time to document fixes!
You’re welcome, Bill. Glad that this post can help you.
Thank you! Recommendation works properly!