Reputation: 2178
Has EWS through o365 changed the way it handles SSLv3 connections?
I've found a problem in my application which means that something is unknowingly (to me) changing:
ServicePointManager.SecurityProtocol = SecurityProtocolType.SSl3;
It appears that in spite of this, my EWS Managed API integration has been working fine for some time, but I am now getting consistent WebExceptions:
The request failed. The underlying connection was closed: An unexpected error occurred on a send.
I'm working to fix up our application to ensure that SecurityProtocol is set correctly to SecurityProtocolType.Tls but given that it is a global setting within the AppDomain it is not a quick fix.
This o365 blog post suggests that Microsoft are planning to remove SSLv3 support (presumably in light of the POODLE vulnerability) - but does anyone know if there have been recent changes affecting the SSLv3 support in EWS?
Upvotes: 0
Views: 366
Answers (1)
Reputation: 46
I don't know how recently this has happened, but outlook.office365 has fully disabled SSL V3.
https://www.ssllabs.com/ssltest/analyze.html?d=outlook.office365.com&hideResults=on&latest
says...
TLS 1.2 Yes
TLS 1.1 Yes
TLS 1.0 Yes
SSL 3 No
SSL 2 No
Upvotes: 1
Related Questions
- How to use 1.2 TLS version in .NET for getting authenticated to EWS Server
- Connection to Office 365 by EWS API
- Interesting problem with ews managed api 2.0
- Does EWS connection supports TLS 1.2
- Office 365 Message Encryption and EWS API endpoints
- Can we connect to Exchange 2016 using EWS Managed API?
- EWS and TLS 1.2 - having issues connecting automatically
- O365 , EWS Managed API and ExchangeVersion
- Does ews-java-api work with microsoft exchange 365?
- Using EWS with Office 365 fails with Server doesn't support requested version