The customer was trying to connect to Azure, and PowerShell was throwing this error
You are using TLS version 1.0, 1.1 and/or 3DES cipher which are deprecated to improve the security posture of Azure AD.
The error provided this handy reference:
Enable TLS 1.2 support as Azure AD TLS 1.0/1.1 is deprecated – Active Directory | Microsoft Docs
I confirmed that the client operating system supported TLS 1.2.
It was PowerShell and .Net, which weren’t supporting TLS 1.2.
The results of the [System.Net.ServicePointManager]::SecurityProtocol
command was:
SystemDefault
To force TLS1.2?
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12;
That’s on a per PowerShell session basis. To force it ON for the whole workstation, use the SchUseStrongCrypto registry key.
References:
Quick ProTip: Negotiate TLS Connections In Powershell With A Minimum TLS Version Requirement – PowerShell.org
Defaulting Your System to use TLS 1.2 for .NET Applications – KB510 – (inflectra.com)
Adding TLS 1.2 support for Powershell (gbeifuss.github.io)
Authentication errors when client doesn’t have TLS 1.2 support – SharePoint | Microsoft Docs
Get-TlsCipherSuite (TLS) | Microsoft Docs