PowerShell failed to invoke ‘New-FederationTrust’: Unable to access the Federation Metadata document from the federation partner

We were in the process of migrating mailboxes from on-premises Exchange 2013 running on Windows Server 2012 to Office 365, and while installing the Hybrid Configuration Wizard we got the following error:

PowerShell failed to invoke ‘New-FederationTrust’: Unable to access the Federation Metadata document from the federation partner. Detailed information: “The underlying connection was closed: An unexpected error occurred on a receive

After some troubleshooting and collecting logs, we found the cause: a few years ago, to comply with PCI requirements, we had disabled SSL and the weaker TLS protocols on the Exchange server and enabled TLS 1.1 and 1.2. We only did the HTTPS part. The Hybrid Configuration Wizard invokes .NET, which was still trying to use the disabled protocols, so the wizard failed. The fix was to force .NET, through the registry, to use the new TLS protocols instead of the disabled ones.

We added the following registry values:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]

"SystemDefaultTlsVersions"=dword:00000001

-AND-

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]

"SystemDefaultTlsVersions"=dword:00000001
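
The following script is an added example, not part of the original post: it shows the Schannel client protocol state next to the .NET setting in both registry views, so the mismatch described above is visible at a glance. It assumes the standard Schannel Protocols registry location; the -Fix switch and the Get-RegValue helper are hypothetical names introduced for this example.

```powershell
# Added example: audit (and optionally set) the .NET TLS default described above.
# Run from an elevated PowerShell session on the Exchange server.
param([switch]$Fix)   # hypothetical switch: write the value where it is missing

$netKeys = @(
    'HKLM:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319'
)
# Assumed standard location of the Schannel protocol switches
$schannel = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'

function Get-RegValue($Path, $Name) {
    # Returns $null when the key or the value does not exist
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name }
}

# 1. Which protocols may Schannel use for outbound (client) connections?
#    Empty columns mean the value is not set and the OS default applies.
'SSL 3.0', 'TLS 1.0', 'TLS 1.1', 'TLS 1.2' | ForEach-Object {
    $client = Join-Path $schannel "$_\Client"
    [pscustomobject]@{
        Protocol          = $_
        Enabled           = Get-RegValue $client 'Enabled'
        DisabledByDefault = Get-RegValue $client 'DisabledByDefault'
    }
} | Format-Table -AutoSize

# 2. Is .NET 4.x told to follow the OS defaults in both the 64-bit and 32-bit views?
foreach ($key in $netKeys) {
    $current = Get-RegValue $key 'SystemDefaultTlsVersions'
    if ($current -ne 1 -and $Fix) {
        if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
        New-ItemProperty -Path $key -Name 'SystemDefaultTlsVersions' `
            -Value 1 -PropertyType DWord -Force | Out-Null
        $current = Get-RegValue $key 'SystemDefaultTlsVersions'
    }
    $shown = if ($null -eq $current) { '<not set>' } else { $current }
    '{0} : SystemDefaultTlsVersions = {1}' -f $key, $shown
}
```

Without -Fix the script only reports. .NET processes that are already running keep their old behaviour until they are restarted.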
