TLS 1.1 and 1.2 for mail-program mail-account acess

[visionhelp]

Sorry, don´t know, whether it is an issue: One of my mail account is going to be deactivating TLS 1.0 and 1.1. So at least TLS 1.1 and 1.2 (so the statement) is required for further working of my Mail-program, mine: OE6 from in XP. i could read, that browsers do install this (TLS 1.1 and 1.2) also. Then this topic could be solved already. Ah, sorry, except of the still required to do the some sub-keys in registry (for access the mail-account). If, I am not sure currently.)

For test of 1.1 and 1.2 (and even 1.3) this site: https://clienttest.ssllabs.com:8443/ssltest/viewMyClient.html

With hope it is from interest and helps.

[dainiusb]

Sorry, but what you wrote is not really comprehensible. Do you need TLS 1.2 support in OE6? I don't think OE6 can work with TLS 1.1 or 1.2.

[visionhelp]

Sorry, I am figuring it out but just so far: there is an update (2 versions) for TLS 1.1 and 1.2, but is for Windows XP Embedded, in usual XP (Home or Prof.) it does work for the most, but not for an other and not for me: ("The installed Windows version does not fit with the update ..."). I do need it for OE (6 XP), because the mail-account is deactivating TLS 1.0 and 1.1 to 29th of June. Today´s searches, in XP-forums, is telling about TLS 1.0 and 1.1 and 1.2 for browsers also. Some browsers versions, Firefox f. e., do install with, but not already working, without some steps as change little in registry-keys. But for browser and Outlook Express these changes are different, and I imagine, those could depend on each other. But this is just overchallenging me. In this short time, to have to reach success the next days, sorry.

(I imagine, the message from some sites, especially sites from big companys, could come, maybe or not, from this missing TLS 1.2 , but this is an other topic.)

For example: This for browser (web-sites) https://msfn.org/board/topic/178092-enable-tls-11-and-12-in-windows-xp-correctly/, this for mail-accounts https://supportnet.de/forum/2528999/windows-xp-tls-1-2-installieren (A link for test: https://clienttest.ssllabs.com:8443/ssltest/viewMyClient.html)

Here could be some good help, but, and sorry, for fast ´just´ too much effort (in short time), to test and try: https://msfn.org/board/topic/171814-posready-2009-updates-ported-to-windows-xp-sp3-enu/#comment-1061758

[sirrooster]

It as hurting me, what the useres say about XP in your german forum :-(

For your TLS issue, I don't think that this Update would help Outlook to run. But you can try. This the the right TLS Update for XP-> https://support.microsoft.com/de-de/topic/aktivieren-von-tls-1-1-oder-tls-1-2-als-sichere-protokolle-winhttp-windows-embedded-posready-2009-und-windows-embedded-standard-2009-aktualisieren-f51ec93b-9988-7ac6-98a1-b8968c40ab7f

But it would be easiest for you to install OEclassic. It's a clone of Outlook with regular updates. Or you can use Thunderbird 52.9.1 But it's very different from Outlook.

[visionhelp]

(Do You mean support_net ? If it is not an expressivly XP-forum one may not talk about XP, it starts shit-storm and mobbing, in my understanding. Lobby-work (for Microsoft; propaganda for the newest) from the evilst. Speaking about security holes, and not about safety-programs as anti-vir, firewall, and and and. But, so what.) (They could feel as being forced to leave XP and do now force the others also, but their individual ways of forcing ... until mobbing and discrediting and hurting and insultings.)

OEClassic - from some details - I do understand is not for me, Thunderbird could be. But also the require TLS 1.1 and 1.2 to work at all. I am so used to OE6.

I did find a 10,8 MB second, near the 1,1 MB, update. But both do say ´does not fit to the existing OS´ and denies installing. This - greatfully german, but very bad and not REALLY good to use translation - link from You, ´just´ the correct and appearing workable registry-entry/s doing, sounds very interessting. Despite of still being confused about settings for browser (IE) - without having to use IE at all, but - in the Internet-options ´Extended´ to see and if (still) needed to switch on there also ... and WILL hopefully work for Outlook Express. A great, big thank first to You.

[NoNameNeeded2]

I haven't read all the links and so on but OE6 can have TLS 1.2 with the aforementioned update. The problem is, as you said, that it requires Windows XP Embedded and will refuse to install on a regular XP installation. That's why some people change a registry setting in order to make the update THINK it's on XP Embedded while it really is just XP.

But that doesn't have anything to do with Mypal68. You can't copy the TLS1.2 stuff from a browser to OE6. You can however use Webmail in your browser, because the browser supports TLS1.2 out of the box.

[visionhelp]

"OE6 can have TLS 1.2 with the aforementioned update", "requires Windows XP Embedded and will refuse to instal", "change a registry setting in order to make the update THINK it's on XP Embedded while it really is just XP": this is speaking against each other, sorry, "OE6 can have" but "requires Windows XP Embedded".

The description the ´update´ - the last link - is saying, it itself is doing (the) setting/s in the registry plus this 2 files update: Winhttp.dll 5.1.2600.7587 355,840 12-Oct-2018 17:12 x86 Updspapi.dll 6.3.13.0 382,840 31-Jan-2018 18:26 x86 And does the registry-entry and setting by this update with, before the files updating, I suppose: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp the sub-key " DefaultSecureProtocols " to activated. The ´WPA´-key (to make the update for XP ´think´ it is the ´Embedded´ version), You mention, for some it seems to work, but one says, for him not, and for me not also. But now perhaps this one ...

Sorry, I still cannot DO this step. Because emotionly I am after these days this focus and effort (just) EXPECTING: TO WORK.

"can't copy the TLS1.2 stuff from a browser to OE6": this is not necessary, I think. Despite not using IE6, the Internet Options (at) Extended, list the available TLS versions to check or uncheck. When TLS 1.2 is available, perhaps from this update (this working) this last link here, it should be listed (then) there also. (But just an idea, sorry.)

Mypal68 supports TLS 1.2 ? Please, what is Webmail ? Thanks the interesst.

[visionhelp]

(Just to mention:) Sadnessly the file-name of the download the update is too long and I had to shorten it for (while, before) saving. "windowsxp-kb4467770-x86-embedded-enuf61e16be7e32887953b29ae1b8ba90064f3ef0a5.exe" (for example) to ´windowsxp-kb4467770-x86-embedded-enu.exe´

[NoNameNeeded2]

What I mean by webmail is that you use the browser for e-mails, e.g. if you have a yahoo account you can use the web browser to see all your e-mails, compose new e-mails etc.

[visionhelp]

Oh, ah, yes. Thanks THIS remembering. Despite I do not like it at all. Each of these sites - and each single site there - lasts just too long to load. But, and: thanks, this ´little´ relaxing therefrom (now) already possible [SMILE].

[NoNameNeeded2]

Yes I know it's not a perfect solution. It's much easier to have ONE application for all your e-mail accounts.

Sorry to hear that the registry patch didn't work for you (to install TLS 1.2 on regular XP). It worked for me on 3 different computers so that's strange.

OEClassic would be another e-mail application but I don't like it since it takes ages to load (even on newer computers).

[visionhelp]

It helps now ´just´ to more relax again. THIS is already very well, remembering I am not out of my mail-accounts.

For offline working - before sending, after receiving - and fast to receive and send mails, 2 accounts, within no 20 seconds, depending on ..., is just easy and great.

OEClassic ´Properties´ not to show: NO. Done. But I think requires TLS 1.2 also.

Sorry, the misunderstanding: STILL do not do the update, because of my now BIG expectation, HAS to work. So, still not tried. (My nerves. [SMILE])

"It worked for me" (1): this last link (here) update ? Before You tried also the WPA registry-entry ? Did You leave it or delete it again, before using this now working update ?

(1) So in ´Internet Options´ ´Extended´ You have now TLS 1.1 and 1.2, and perhaps still 1.0 ?

But now this (other) idea: does OEClassic bring with installing TLS 1.2 (at all), and could then be installed - automatically - for OE6 (XP) just with ?

[NoNameNeeded2]

OEClassic comes with TLS 1.2, it's built-in, the OS doesn't need to provide TLS 1.2 for OEClassic to work (as opposed to OE6). And no, by installing OEClassic you wouldn't fix the problem for OE6, since OEClassic comes with its own TLS stuff that doesn't affect anything outside of the application.

I think I left the registry setting as it is on some computers and set it back on some other computers. But removing the XP embedded setting is MUCH HARDER to do than setting it and you don't really need to remove it.

I'm not on a patched XP right now, so I can't say anything about the internet options.

[visionhelp]

Whoah ... whoah ... whoah. "OEClassic comes with TLS 1.2": this is quite new to me. From my understanding, such installings - here the TLS with - then work in the entire OS. And if You call up IE6 (XP), without for using, but just only to get into the ´Internet Options´ ´Extended´, for to see whether near the TLS 1.0 is also 1.1 and 1.2, check/uncheck boxes, are there. Then it also works for OE6 (XP) ... my assumption.

Easier than to set a registry key to me is to remove a key, but OK. "you don't really need to remove it.": Good news. Thank You very much.

Sorry, "not now": OK. But OEClassic bringing with TLS 1.2 to me is revelation ... already. Thank Youi this info very much.

[NoNameNeeded2]

Du scheinst eine deutsche Version von IE zu verwenden, weswegen ich annehme, dass du möglicherweise deutsch sprichst. So ist es vllt. einfacher: OEClassic hat TLS 1.2 eingebaut, Windows XP muss dafür TLS1.2 nicht unterstützen, das kann das Programm alleine. Allerdings bedeutet das NICHT, dass deswegen andere Programme auch TLS1.2 verwenden können (durch die Installation von OEClassic wird TLS1.2 also nicht in XP nachgerüstet) Anders ist es bei dem Patch für XP Embedded. Der gilt dann für jedes MS-Internet-Programm, also auch für IE und OE Damit können sowohl IE als auch OE TLS1.2 verwenden.

Für OEClassic brauchst du also keinen Patch für XP. Für OE6 schon.

Es ist nur eine Einstellung die in der Registry umgestellt wird, die XP dann glauben lässt es sei XP Embedded. Damit lässt sich dann das TLS 1.2. Update installieren. Hat bei mir bei 3 Computern funktioniert. Dieses Registry-Setting wieder zu entfernen (nach der Installation des Patches braucht man diese veränderte Einstellung ja nicht mehr) ist allerdings deutlich schwieriger, weil das Betriebssystem das nicht zulässt solange es läuft. Und wenn's nicht läuft kommt man nur schwer zur Registry. Es geht, aber es ist zeitaufwendig und lohnt den Aufwand nicht. Dann glaubt XP eben für den Rest aller Zeiten es sei XP Embedded. Meines Wissens gibt es dadurch keine Nachteile.

[AstroSkipper]

But that doesn't have anything to do with Mypal68. You can't copy the TLS1.2 stuff from a browser to OE6. You can however use Webmail in your browser, because the browser supports TLS1.2 out of the box.

That's absolutely true. Your request has to be done in a Windows XP forum like MSFN. In subforum Windows XP all your questions will be answered. To establish system-widely a connection using the protocol TLS 1.2, you have to use a special proxy called ProxHTTPSProxy. Visit my thread ProxHTTPSProxy and HTTPSProxy in Windows XP for future use and read especially first post! There you can find all needed information: https://msfn.org/board/topic/183352-proxhttpsproxy-and-httpsproxy-in-windows-xp-for-future-use/?do=findComment&comment=1213600 But here is the wrong place for posting your questions. It has nothing to do with issues in Mypal 68.

Cheers, AstroSkipper

PS: MSFN is an English spoken forum. Unfortunately, you have to post in English only. And I say that being a German. And on GitHub, English is the general language too, to ensure that all can follow a conversation.

[visionhelp]

(I do additionly in english, with https://translate.google.de/?hl=de&sl=de&tl=en&op=translate PLUS manual.)

"OEClassic does not upgrade TLS1.2 in XP": That is exactly my guess. OEClassic (8 MB) done the downlaod. I will actually really test it.

"Remove this registry setting" "" because the operating system does not allow it as long as it is running": The update of the last link (from here) is only a new key (HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Current version \ WinHTTP" DefaultSecureprotocols ") into the registry, not that for this ´do-so-as-whether´ ´XP-EMBedded (under WPA). This is my worry. Not the first. If it really is not to be to delete, in the running OS ... let's see. (Then probably with ´Clearprog´.)

I will report, OEClassic, and possibly the update of the last link (from) here. Many thanks to the effort, and the friendly contact.

(German:) "von OEClassic wird TLS1.2 also nicht in XP nachgerüstet": das ist ja genau meine Vermutung. OEClassic (8 MB) gerade herunter-geladen. Ich werde es tatsächlich testen.

"Dieses Registry-Setting" "entfernen" "weil das Betriebssystem das nicht zulässt solange es läuft": Das Update von dem hier letzten Link macht nur einen neuen Schlüssel (HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp "DefaultSecureProtocols") in die Registry, also nicht den für das ´so-tun-als-ob´ ´XP-embedded (unter WPA). Für Letzterem belassen habe ich Sorgen. Den Ersten gar nicht. Wenn der tatsächlich nicht zu löschen ist, im laufenden OS ... mal sehen. (Mit ClearProg dann vermutlich.)

Ich berichte, OEClassic, und eventuell das Update des hier letztgenannten Links. Vielen, lieben Dank die Mühe, und den freundlichen Kontakt.

[visionhelp]

Still want to mention deeper going topics - as f. e. .NET Framework - for TLS 1.2 this link, if perhaps from interesst: https://docs.microsoft.com/en-us/mem/configmgr/core/plan-design/security/enable-tls-1-2

[visionhelp]

OEClassic installed, but I did not run it, because of not knowing, what happens to the things of OE. OK, my thought was worth a try for me. Then now installed ´windowsxp-kb4467770-x86-embedded-enu_(...).exe´ but with this error: KB4467770 Setup Error "Setup connot update your Windows XP files because the language installed on your system is different from the uddate language." (This XP (Corporate) is german.) I'll see this recommendation here (https://github.com/Feodor2/Mypal/issues/88)

(German:) OEClassic installiert, aber nicht gestartet, weil ich nicht weiß, was mit den Dingen von OE passiert. OK, mein Gedanke war mir einen Versuch wert. Dann installiert jetzt ´WindowsXP-KB4467770-X86-Eingebettem-Enu _ (...). Exe´, aber mit diesem Fehler: KB4467770 Setup -Fehler "Setup connot update your Windows XP files because the language installed on your system is different from the uddate language." (Dieses XP (Corporate) ist deutsch.) Ich schaue mal hier diese Empfehlung (https://github.com/Feodor2/Mypal/issues/88)

[visionhelp]

Hi, AstroSkipper. "You can't copy the TLS1.2 stuff from a browser to OE6.": As from IE6 ´with´ OE6 in XP for me to understand, is - as now - TLS 1.0 "system-widely" is installed. Despite running a web-site (a browser) for/with TLS 1.2 I understand: running for access eMail-account is another thing, another topic. This may be mis-understood by me. But if this both are in context, and Mypal68 ´should ´then´ have TLS 1.2 also, then it could solve with the issue for OE6, for access eMail-acounts, ´at once´ - equal - with. But this is just my imagination, not more. And thanks the recommending and the link, I did begin to read, hoping fast to find, what I want, but after a while had really to stop this. These days are works and works as if of never-ending ... Please, be considerate. Thank You.

[AstroSkipper]

OEClassic installed, but I did not run it, because of not knowing, what happens to the things of OE. OK, my thought was worth a try for me. Then now installed ´windowsxp-kb4467770-x86-embedded-enu_(...).exe´ but with this error: KB4467770 Setup Error "Setup connot update your Windows XP files because the language installed on your system is different from the uddate language." (This XP (Corporate) is german.) I'll see this recommendation here (https://github.com/Feodor2/Mypal/issues/88)

Once again, you are in the issues of Mypal 68. Therefore, you have to post your problems in a Windows XP dedicated forum. There are the Windows XP experts. Here is a totally wrong place. Read my post above! And BTW, you have to install the German update.KB4467770, ending on xxxdeu.exe., in a German Windows XP Edition.

All necessary information you can get at MSFN. Here is the link: https://msfn.org/board/forum/34-windows-xp/

Cheers, AstroSkipper

[AstroSkipper]

Hi, AstroSkipper. "You can't copy the TLS1.2 stuff from a browser to OE6.": As from IE6 ´with´ OE6 in XP for me to understand, is - as now - TLS 1.0 "system-widely" is installed. Despite running a web-site (a browser) for/with TLS 1.2 I understand: running for access eMail-account is another thing, another topic. This may be mis-understood by me. But if this both are in context, and Mypal68 ´should ´then´ have TLS 1.2 also, then it could solve with the issue for OE6, for access eMail-acounts, ´at once´ - equal - with. But this is just my imagination, not more.

Sorry, but you really mix up a lot of information and unfortunately, many statements are not correct. With ProxHTTPSProxy, you can use Email clients, lacking of a more recent protocols like TLS 1.2, in Windows XP. All this is described in my article at MSFN. And there you can find a lot of information about Windows XP and the way how to update your system. But not here.

Cheers, AstroSkipper

[NoNameNeeded2]

Ich bin mir jetzt noch immer nicht sicher, ob du besser deutsch oder englisch sprichst. Wie auch immer. Back to english:

You can install OEClassic and even run it. I understand that you don't want to take the risk to ruin your OE data by importing it to OEClassic and I'm actually not really sure what happens to your OE data when you do that (even though I think OEClassic won't ruin your OE data). The best way would be to make a copy of the OE folder that contains all the OE data and then give OEClassic a try. You should be able to find all your OE folders and dbx files here: C:\Dokumente und Einstellungen\NAME\Anwendungsdaten\Identities

I assume the reason why you ended up here is that you thought that a more recent browser with TLS1.2 would update the TLS-stuff in Windows XP and therefore allow OE to run flawlessly again. Unfortunately that's not the case. But you can switch to Thunderbird or OEClassic. They should work fine, even without patching Windows XP.

[visionhelp]

{besser: deutsch}

Complaining is already happening.

OEClassic I only did for this test. (Despite: The little 8 MB are surprising to me. And possibly it is just intention, that it does not install TLS 1.2 system-wide.Then OE 6 could work for it, too. OK. Having to figure out all the new (and differents) a new program does to me, this is effort I prefer to avoid.)

Yes, my hope was/is: having TLS 1.2 ini/for browser, it could be done for system-wide just with.

I got an advice, I must use the update version german. version. But I cannot find it. Now, that it is told it exists, if in english why not to find the german one ? Thanks again Your comparism, the effort.

[visionhelp]

AstroSkipper. I D I D see there is lots of stuff. But despite such things, without having troubles, I do not never-ending EFFORTs, please.

And just discrediting "you really mix up a lot of information and unfortunately, many statements are not correct.", without noting any one example, I can not EXCEPT at all. And is just insulting. Despite I am sure You could help me here in my - special - wish, I have to accept and carry: You don´t. So, please, let us stop this contact, thanks. Sorry, "the German update.KB4467770, ending on xxxdeu.exe., in a German Windows XP Edition", this is help.

[visionhelp]

HKEY_LOCAL_MACHINE\SYSTEM\WPA\PosReady "Installed" steht auf ´0´. Wie konnte ich das nur über-sehen ? Das MUSS ´1´.

[Feodor2]

Why do you discuss this irrelevants here this is not a general it forum

[Feodor2]

Hey