Make sure that your ePO Server supports communication over TLS 1.1 or TLS 1.2 protocols. Also, make sure that your SQL Server systems support communication of these protocols.

For information about enabling TLS 1.2 on a Microsoft SQL Server, see Microsoft article 3135244.

The easiest way to enable TLS 1.1 or 1.2 on an operating system is to use IIS Crypto. The IIS Crypto tool is a free tool that allows you to make changes related to TLS and Ciphers on a Microsoft operating system.

To manually update the registry, you can do either of the following:

• Follow the instructions in the previously linked Microsoft article 3135244.
• Use IIS Crypto.

To use IIS Crypto for this purpose:

1. Download IIS Crypt.
2. Copy the executable (IISCrypto.exe) to the SQL Server that hosts the ePO database.
3. Verify if TLS 1.1 or TLS 1.2 is selected in the "Server Protocols" section.
   1. Run IISCrypto.exe.
   2. Click the Secure Channel (Schannel) tab.
   3. View the "Server Protocols" section.
   4. If needed, select either TLS 1.1 or TLS 1.2.
   5. If you made a change, click Apply.
   6. Reboot the operating system where the SQL Server is installed.
4. Copy the executable IISCrypto.exe to the server that hosts ePO.
5. Verify that TLS 1.1 or TLS 1.2 is selected in the "Client Protocols" section:
   1. Run IISCrypto.exe.
   2. Click the Schannel tab.
   3. View the "Client Protocols" section.
   4. If needed, select either TLS 1.1 or TLS 1.2.
   5. If you made a change, click Apply.
   6. Reboot the ePO Server.

IIS Crypto Interface