Examples of possible error messages

Error message: The underlying connection was closed: An unexpected error occurred on a send.

This error might occur when you are unable to restore mail to the original mailbox.

Error message: An unexpected error occurred on a send

This error might occur if you are unable to connect to Exchange Server.

This error might also appear as 

Error message: An unexpected error occurred on a receive

What causes this error?

This type of error is caused by an incorrect configuration of the .NET Framework.

• For TLS 1.2 and TLS 1.3, the SChannel protocol must be enabled at the operating system level
• You must update and configure .NET Framework so it supports TLS 1.2 and TLS 1.3

For details, please see:

• https://docs.microsoft.com/en-us/dotnet/framework/network-programming/tls#configuring-security-via-the-windows-registry
• https://learn.microsoft.com/en-us/exchange/exchange-tls-configuration

Prepare your system to resolve this error

STEP 1. Before enabling TLS 1.2 or 1.3, verify that your .NET Framework/OS combination supports it 

For Axcient DirectRestore (ADR) to function correctly, you must have .NET Framework 4.6.2 or higher. We recommend .NET Framework 4.8.

Refer to the tables below showing the highest supported TLS version for different combinations of operating system versions and .NET Framework target versions:

STEP 2. Confirm that all of your browsers are updated to the latest versions for TLS 1.2 or 1.3 enablement.

How to resolve this error

STEP 1. Confirm which protocols are enabled on the Windows server where the Exchange Server (ES) is installed.

To do this, open a file in Notepad after exporting registry from this path:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols

Note: TLS 1.2 / TLS 1.3 protocol should be enabled before proceeding. 

The following table shows the Exchange Server and Windows Server combinations on which TLS 1.3 is supported:

TLS 1.2 is enabled by default on Exchange Server 2019 / 2016 with the latest CU. 

Check the configurations through the ES console to verify no manual changes to the ES have been applied which might disable TLS 1.2 / TLS 1.3.

STEP 2. The method of fixing the Windows registry depends on the location where Axcient DirectRestore is installed. 

2.1. If Axcient DirectRestore is installed on a server: 

Restart the server after applying the .NET Framework registry change.

2.2. If Axcient DirectRestore is installed on a system other than a server:

Manually check the registry:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols 

If there are no protocols keys (TLS) inside the above path, apply the .NET Framework registry change.

Otherwise, if TLS 1.0/1.1 is enabled, disable it and enable TLS 1.2/1.3 (client and server).

STEP 3. To apply a .NET Framework registry change:

3.1. Confirm you have .NET Framework 4.6.2 or higher (preferably 4.8)

3.2. Verify that the registry parameters are set as below.

If the registry parameters differ from those shown below, you can apply changes manually or use this file: EnableStrongCrypto.reg.

3.3. Restart the server/system where Axcient DirectRestore is installed.

3.4. Reinstall Axcient DirectRestore after the restart.

 SUPPORT | 720-204-4500 | 800-352-0248

• Contact Axcient Support at https://partner.axcient.com/login or call 800-352-0248
• Free certification courses are available in the Axcient x360Portal under Training
• Subscribe to the Axcient Status page for a list of status updates and scheduled maintenance

1394