@Sajith Gopalakrishnan Hema I have managed to resolve the issues on my server by updating the SSL Cipher Suire Order, i had mistakenly removed some of the suites that windows suggested was for TLS1.0 and 1.1 only when in actual fact they were needed for some TLS1.2 connections as well.
I resolved my issues by:
- Open Run Prompt and run gpedit.msc
- Navigate to "Administrative Templates > Network > SSL Configuration Settings"
- Open SSL Cipher Suite Order
- Select Enabled
- Paste the list of suites below into the text box (make sure there are no spaces)
- Click Apply
- Restart the server
SSL SUITES:
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Note, these suites work for me but you may require other ones for different applications. You should be able to find a full list and more info on the suites here https://zcusa.951200.xyz/en-us/windows/win32/secauthn/cipher-suites-in-schannel?redirectedfrom=MSDN
I hope this helps to solve your issue