ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY Server 2016/Exchange 2016

Over the weekend I’ve been installing Microsoft Server 2016 with Exchange 2016 on top. Once my SSL certificates were loaded, I got the following error when accessing OWA

ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY

I’ve seen this before on Apache. However, I was amused that this was an issue with Server 2016 since I thought that Microsoft would have disabled the Cipher suites used which cause this error. Apparently not.

A brute-force way to quickly fix this is to disable SPDY. To do this, open up the following registry key

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Http\Paramaters

Add the following two dword keys

EnableHttp2Cleartext 0
EnableHttp2Tls 0

It should look like the following

vmware_2016-10-30_17-00-25

You can likely disable your offending cipher suites by following these guidelines.

Update 1: I solved my issue by disabling SHA and MD5 hashes on the Exchange server using IISCrypto. See below:

IIS Crypto