PowerShell failed to invoke ‘New-FederationTrust’: Unable to access the Federation Metadata document from the federation partner
We were in the process of migrating mailboxes from on-premises Exchange 2013 running on Windows Server 2012 to Office 365, and while installing the Hybrid Configuration Wizard we were getting the following error.
PowerShell failed to invoke ‘New-FederationTrust’: Unable to access the Federation Metadata document from the federation partner. Detailed information: “The underlying connection was closed: An unexpected error occurred on a receive
After some troubleshooting and collecting logs, we found out that the reason we were getting that error was that a few years ago, to comply with PCI requirements, we disabled SSL and weaker TLS encryptions and enabled TLS 1.1 and 1.2 on the Exchange server. We only did the HTTPS part. The Hybrid Configuration was invoking .NET, which was trying to use those disabled protocols, and therefore the Hybrid Configuration Wizard was failing. In the registry, we forced .NET to use the new TLS protocols, not the disabled ones.
Added the following registry values:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
-AND-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
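The same two values can be audited and set from an elevated PowerShell prompt. This script is an added example, not part of the original post; the -Apply switch and the output column names are hypothetical choices made for the example.

```powershell
# Added example: audit (and optionally set) the .NET 4.x SystemDefaultTlsVersions
# value in both the 64-bit and 32-bit (Wow6432Node) registry views from the post.
[CmdletBinding()]
param(
    [switch]$Apply   # hypothetical switch: without it the script only reports
)

$valueName = 'SystemDefaultTlsVersions'
$keys = @(
    'HKLM:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319'
)

$results = foreach ($key in $keys) {
    # Read the current value; a missing key or missing value is reported as $null
    $current = $null
    if (Test-Path -Path $key) {
        $prop = Get-ItemProperty -Path $key -Name $valueName -ErrorAction SilentlyContinue
        if ($null -ne $prop) { $current = $prop.$valueName }
    }
    $compliant = ($current -eq 1)

    # Only write when asked to, and only when the value is not already 1
    if ($Apply -and -not $compliant) {
        if (-not (Test-Path -Path $key)) { New-Item -Path $key -Force | Out-Null }
        New-ItemProperty -Path $key -Name $valueName -Value 1 `
            -PropertyType DWord -Force | Out-Null
        $current = 1
        $compliant = $true
    }

    [pscustomobject]@{ Key = $key; Value = $current; Compliant = $compliant }
}

$results | Format-Table -AutoSize

# Non-zero exit code if either registry view is still missing the value,
# so the check can be used from a build or compliance job.
if ($results.Compliant -contains $false) { exit 1 }
```

Run it without -Apply first to see which of the two views is missing the value; both must be set so that 32-bit and 64-bit .NET processes behave the same way.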