We use office 365, and just recently received an email from them saying we had a client using TLS 1.0. I tracked this down to database mail. I'm an accidental DBA (more a developer, but now a jack-of-all-trades IT), so don't know about security at all.
We have MSSQL 2017 on Server 2016. One suggestions was to check the "use SSL" box in Database mail setup, but I already have that checked. I just checked the box for "force encryption" in SQL Server Config Manager -> Network config -> Protocols. I don't know how to test what TLS version Database mail is using - is there a way?
Other things I read say you need to disable TLS 1.0 and 1.1 in the registry for the entire server. Some other sites said there were a couple other registry settings that were needed to keys for .Net Framework.
This server is set to go into production in less than 3 weeks, and has many interfaces (third party, supposedly compatible with TLS 1.2) and SSRS and Crystal Reports that need to be tested. Some things I can't test until we go live (for example, electronic prescriptions - can't have those go to the non-prod database!). So I'm feeling a time crunch - we just got the email from Microsoft on Thursday, and I've been madly Googling since.
Please forgive my convoluted and/or unclear explanations. I hardly know enough about this subject to be able to ask the correct questions. Any help would be greatly appreciated!