ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY Server 2016/Exchange 2016

Over the weekend I’ve been installing Microsoft Server 2016 with Exchange 2016 on top. Once my SSL certificates were loaded, I got the following error when accessing OWA

ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY

I’ve seen this before on Apache. However, I was amused that this was an issue with Server 2016 since I thought that Microsoft would have disabled the Cipher suites used which cause this error. Apparently not.

A brute-force way to quickly fix this is to disable SPDY. To do this, open up the following registry key

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Http\Paramaters

Add the following two dword keys

EnableHttp2Cleartext 0
EnableHttp2Tls 0

It should look like the following

vmware_2016-10-30_17-00-25

You can likely disable your offending cipher suites by following these guidelines.

Update 1: I solved my issue by disabling SHA and MD5 hashes on the Exchange server using IISCrypto. See below:

IIS Crypto

Outlook cached mode can cause problems…

Have you had the problem where Outlook sits there, forever, waiting to “update current folder”. I recently had this problem when changing an Outlook 2007 client to HTTP over RPC. After I made this change, weird stuff started to happen. No problem I thought. I will use scanpst.exe and attempt to scan the file. In the past, this has been where most of these sorts of problems lie. This was quite a large file, 3.5gb. After this had completed and still didn’t work, I started scratching my head a bit. What would cause this to happen?

After a bit of testing, I found that turning cached mode off let the folder update. I then proceeded to delete every file out of the Outlook folder (under local settingsapplication datamicrosoftoutlook) apart from the ost file and archive folders.

This fixed the problem. This is the first time I’ve come across this so I thought I’d share.