April 15, 2021

Am a keen follower of Microsoft's SharePoint Blog and proud to provide this direct from the Microsoft Tech Community:

Note: Please take extreme caution before making any changes in Production. Make sure you test the changes in a test environment first.


Recently due to a spate of updates to various endpoints in SharePoint, Azure, and the AAD auth login endpoints, we are seeing projects compiled with version of .NET before 4.6 cause TLS errors which don’t always show as TLS errors in the PHA.


The error messages The underlying connection was closed” or “System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host” you are seeing is mainly due to deprecation of TLS1 1.0 & 1.1. Please see:

Preparing for TLS 1.2 in Office 365 and Office 365 GCC – Microsoft 365 Compliance | Microsoft Docs

Enable TLS 1.2 on servers – Configuration Manager | Microsoft Docs

TLS 1.0 and 1.1 deprecation – Microsoft Tech Community


The updates were communicated in the Office 365 message center.

  • MC218794 – July 17, 2020 | TLS 1.0 and 1.1 retirement date in Office 365 to be October 15, 2020

  • MC240160 – Feb 16, 2021 | Reminder: Disabling TLS 1.0 and TLS 1.1 in Microsoft 365


If the PHA app web is hosted on a remote physical server, then.


3 ways you can resolve the error:

1] You can either update applications web.config file and update httpRuntime to 4.7 example: 

<httpRuntime targetFramework=”4.7″/>




2] You can add the following registry key settings on your remote app web server(s):


“SystemDefaultTlsVersions” = dword:00000001

“SchUseStrongCrypto” = dword:00000001

Note: You may need to restart your server(s)




3] Add this one line of code above each instantiation of the ClientContext in your code:

System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;

Note: Extensive code updates will be needed.


If the App web is hosted on Azure, then.

Log into the Azure portal (portal.azure.com) with an account with admin rights on the web app in question.

Once you open the App Services and select the web app hosting the PHA site, click on the App Service Editor (Preview).



This will open the editor, then select the web.config file and change the circled targetFramework attribute to 4.7 preferably (any setting higher than 4.6 will work too). Note the status in the upper right will say ‘DIRTY’ for a bit, then it should auto-save and change back to ‘SAVED’-



At this point you should be set, refresh the page with the PHA and all should be good.


if the application is a Azure WebJob, then.

You will have to re-target/re-compile the app to 4.6+ (recommend 4.7) and re-upload it to fix it.

You can’t use the config file for the exe to re-target the same way we can for a web application.

The above is kindly provided by the Microsoft Tech Community!

You May Also Like…