Upcoming Webinar
Cayosoft Shows How Forest Recovery Tech Addresses Survey Issues
Join this webinar and not only learn about what your peers are doing, but also learn about a new patent-pending modern approach to AD forest recovery from Cayosoft.
New episode!
The Scoop on Loop: The Latest Innovations Directly From Microsoft!
Darrell Webster speaks to Rebecca Keys, a Program Manager from the Microsoft Loop team.
Turn Data Protection into an MRR Growth Engine
Security for your customers, revenue for your MSP practice. Access key insights on how to scale your practice with SkyKick’s new eGuide.
MSP eGuide to Package, Sell and Deliver M365 Security Services
Based on input from our top-performing MSPs, SkyKick prepared the MSP Guide to help you navigate the security landscape.

M365 Changelog: TLS1.2 enforcement for Direct Routing SIP interface

MC297438 – Microsoft is making some changes to Direct Routing SIP interface.

On January 3rd 2022, to provide the best-in-class encryption to Microsoft’s customers, they will begin retiring Transport Layer Security (TLS) versions 1.0 and 1.1 and begin obligating TLS1.2 usage for the Direct Routing SIP interface.

The move to TLS 1.2 is to ensure that Microsoft’s service is secure by default and in alignment with the rest of Microsoft 365 services as previously communicated (MC126199 in Dec 2017, MC128929 in Feb 2018, MC186827 in July 2019, MC218794 in July 2020, MC240160 in February 2021, and MC292797 in October 2021).

You are receiving this message because Microsoft’s reporting indicates that your organization is still connecting using SMTP Auth client submission via smtp.office365.com with TLS1.0 or TLS1.1 to connect to Exchange Online.

Note: If your organization has already taken steps to migrate from TLS 1.0 and 1.1, you can safely disregard this message.

How this will affect your organization:

To provide the best-in-class encryption to Microsoft’s customers, they will be retiring Transport Layer Security (TLS) versions 1.0 and 1.1 beginning January 3rd 2022 and will begin forcing TLS1.2 usage for the Direct Routing SIP interface.

To avoid any service impact, please make sure that your SBCs are configured to support TLS 1.2 and are able to connect using one of the following cipher suites:
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 i.e. ECDHE-RSA-AES256-GCM-SHA384
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 i.e. ECDHE-RSA-AES128-GCM-SHA256
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 i.e. ECDHE-RSA-AES256-SHA384
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 i.e. ECDHE-RSA-AES128-SHA256

What you need to do to prepare:

For information on how to get ready for the enforcement of TLS 1.2, please visit: Enforce TLS 1.2 for the RMS Connector

Learn more:

Disabling TLS 1.0 and 1.1 for Microsoft 365