Preparing for the mandatory use of TLS 1.2 in Office 365

On October 31, 2018, Microsoft Office 365 will disable support for TLS 1.0 and 1.1 as mentioned in Microsoft's Supports article here. As a result, starting on October 31, 2018, all client-server and browser-server combinations must use TLS 1.2 or later protocol versions in order to connect without issues to Office 365 service. Additionally, this might require updates to be made for certain client-server and browser-server combinations.

With the mandatory changes in Office 365, VMware AirWatch is re-enabling TLS 1.2 in all future Workspace ONE UEM (AirWatch) Console releases (post 9.2.3), and also providing a utility for any older supported versions of AirWatch (9.0+). For Console versions 9.0+, the utility will update all the necessary web.config's and app.config's. In addition, it will notify the administrator whether the particular server has TLS 1.2 disabled within the registry per the Microsoft support article here on Transport Layer Security (TLS) registry settings.  

AirWatch Component Office 365 Component

Secure Email Gateway (SEG)

Office 365 Exchange ActiveSync

Content Locker/Content Gateway

SharePoint Online or OneDrive for Business

Workspace ONE UEM (AirWatch) Console

Utilization of Microsoft Graph API’s for:

  • Windows 10 Enrollment
  • Revocation of Azure Refresh Token
  • DLP settings for Office 365 Apps (Beta)

Email Notification Service

Office 365 Exchange Web Services


Support Contact Information

To receive support, either submit a ticket via the My Workspace ONE portal or call your local support line.


Best Regards,

The VMware Workspace ONE Team

Have more questions? Submit a request


Article is closed for comments.