Teem TLS 1.1 Deprecation

    August 13th, 2020

    Last updated: August 13th, 2020

      Area of Troubleshooting: Exchange Calendar Sync

      Exchange 2007 SP1, Exchange 2010, Exchange 2010 SP1 - SP3, Exchange 2013, Exchange 2013 SP1, Exchange 2016. 

      Problem Description: 
      In December 2018, Teem Technologies announced a 60 day sunset period for the use of the insecure TLSv1.0 encryption protocol. TLSv1.0 can allow man-in-the-middle attacks potentially revealing the respective customer’s data and credential information.

      On February 28th, 2019, Teem deprecated support for the TLSv1.0 security protocol on our servers. On March 3, 2019, Teem Customer Support began to receive reports that some customers using on-premise Exchange servers were noticing that 

      On August 1st, 2020, Teem announced the planned deprecation of TLS 1.1 on September 13th, 2020.  This can cause events to stop syncing to all of a customer's Teem Room Display devices if the customer does not have the appropriate Exchange server updates. 

      Problem Identification & Root Cause Analysis 

      Immediately following these reports, engineers at Teem began to investigate the problem. The root cause was identified as TLS compliance for push notifications from on-premise Exchange environments. Affected customer systems did not have Exchange servers that complied with the Microsoft TLS security updates and patches.

      It is assumed that if this problem occurs, the on-premise Exchange servers used to sync room calendars with Teem systems do not have the correct configuration to support TLS 1.2.

      Actions & Next Steps: 

      First, affected clients should verify that they have completed the steps in this guide.  Notably, the steps specific to ensuring you have the correct server updates for your specific environment.

      Secondly, administrators will need to follow the steps outlined in this article to properly set TLS 1.2 (or above) as the default outbound connection protocol.

      In the above guide, clients will want to focus on the following sections:

      • "Enable TLS 1.2 for SChannel" 

      • "Enable TLS 1.2 for .NET 3.5" 

      • "Enable TLS 1.2 for .NET 4.x"

      After running the registry edits found in the guide above, administrators will need to restart updated Exchange servers. Steps to validate the configuration are provided in the referenced articles.

      What next?

      After performing the steps above, navigate to app.teem.com and open the left-hand menu.  From this menu, select “Manage” and then “Calendars”.  Next, click the “Select All” checkbox in the list of calendars and click the “Re-sync” button.  Perform this step for all calendars present; this will re-initialize the calendar push notification subscriptions.

      To test the solution, run the following tools on your mail server and ensure TLS 1.2 or higher is being utilized:

      Teem asks that you perform the outlined steps even if you believe that you’re already supporting TLS 1.1 and/or 1.2. While TLS 1.1 and 1.2 may be enabled in some systems and contexts, it is possible that not all subsystems recognize the new defaults (namely the components that connect to the Teem platform). Taking the steps above are key to resolving this issue.

      All Teem products and services have continued to operate for customers during this process. Teem recommends maintaining current patch levels for all email/calendaring and operating systems. This guide is provided to inform your infrastructure, administrative and operations teams of particular areas of interest.

      Please Note: Apple, Google, and Microsoft will be deprecating support for TLSv1.1 in early 2020. Please plan ahead now to support TLSv1.2 and TLSv1.3.

      Was this article helpful?

      Send feedback

      Get In Touch With Us

      Start a Support Ticket