Our dedicated Product Specialist team is always ready to help you when you need it the most.
Contact Support
Errors after disabling TLS 1.0 and TLS 1.1 with Specops Password Reset
Description:
In some instances, customers who have disabled TLS versions 1.0 and TLS 1.1 may see errors when users try to use Specops Password Reset by browsing to the password reset page.
Users might see this error when browsing to the Password Reset site:
“An unknown error has occurred”
When you check the Application logs in the Event Viewer on the server running Specops Password Reset you might see errors similar to these:
Event ID 1309 – ASP.NET
“An unhandled exception had occurred”
“The client and server cannot communicate because they do not possess a common algorithm”
Resolution:
- Ensure TLS 1.2 is enabled on the server running Specops Password Reset.
- You can check via the registry by ensuring that HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client\DisabledByDefault registry key exists and is set to 0. You also need to check that HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client\Enabled is set to 1.
- Check with a tool such as IISCrypto to check your enabled TLS versions.
- Ensure that the version of .NET installed on the server running Specops Password Reset supports TLS 1.2.
- If you are on a version of Specops Password Reset before version 6.8.18298.2, you will need to upgrade.
- TLS 1.2 support was added in version 6.8.18298.2, anything before this version requires TLS 1.0/TLS 1.1.