Franky's Web

Exchange 2016; EventID 3018, MSExchangeApplicationLogic

In the event log of an Exchange 2016 server, the following error message with the source MSExchangeApplicationLogic may occur every hour:

Source: MSExchangeApplicationLogic

Event ID: 3018

Scenario[ServiceHealth]: GetConfig. CorrelationId: 6852d41c-26fb-4ef9-9f7a-ee9d25f780c7. The request failed. Mailbox:  Url: https://officeclient.microsoft.com/config16?CV=15.1.1261.36&Client=WAC_Outlook&corr=6852d41c-26fb-4ef9-9f7a-ee9d25f780c7 Exception: System.Net.WebException: Die zugrunde liegende Verbindung wurde geschlossen: Unbekannter Fehler beim Empfangen.. ---> System.ComponentModel.Win32Exception: Der Client und der Server können keine Daten austauschen, da sie nicht über einen gemeinsamen Algorithmus verfügen
   bei System.Net.SSPIWrapper.AcquireCredentialsHandle(SSPIInterface SecModule, String package, CredentialUse intent, SecureCredential scc)
   bei System.Net.Security.SecureChannel.AcquireCredentialsHandle(CredentialUse credUsage, SecureCredential& secureCredential)
   bei System.Net.Security.SecureChannel.AcquireClientCredentials(Byte[]& thumbPrint)
   bei System.Net.Security.SecureChannel.GenerateToken(Byte[] input, Int32 offset, Int32 count, Byte[]& output)
   bei System.Net.Security.SecureChannel.NextMessage(Byte[] incoming, Int32 offset, Int32 count)
   bei System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   bei System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
   bei System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
   bei System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   bei System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   bei System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   bei System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
   bei System.Net.TlsStream.BeginWrite(Byte[] buffer, Int32 offset, Int32 size, AsyncCallback asyncCallback, Object asyncState)
   bei System.Net.ConnectStream.WriteHeaders(Boolean async)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   bei Microsoft.Exchange.Data.ApplicationLogic.Extension.BaseAsyncOmexCommand.c__DisplayClass18_0.b__0()

The most common cause of the error is that the Exchange server is not allowed to connect directly to the Internet, but must use a proxy. If this is the case, the proxy must be stored in the Exchange configuration. The proxy can be entered with the following command:

Set-ExchangeServer ExchangeServerName -InternetWebProxy http://192.168.1.1:8080

You should also check whether access to officeclient.microsoft.com from the Exchange server is permitted. It may be necessary to set up an exception on the company's firewall.

Another possibility is that TLS 1.0 has been switched off. It is important that TLS 1.0 is activated as the client protocol. The settings for TLS 1.0 can be checked in the registry. Here are the correct TLS 1.0 client settings:
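The three causes described above (missing proxy, blocked firewall access, TLS client protocol) can be checked in one pass from the Exchange Management Shell. The following read-only script is an added example, not part of the original post; it assumes it is run on the affected Exchange server, and the Schannel registry path and the Enabled / DisabledByDefault value names are the standard Windows ones, not values taken from the post's screenshot.

```powershell
# Added example: read-only diagnostics for Event ID 3018. Nothing is changed.
# Assumption: run in the Exchange Management Shell on the affected server.
$target = 'officeclient.microsoft.com'   # host from the URL in the event text

# 1. Proxy: is an InternetWebProxy stored in the Exchange configuration?
$proxy = (Get-ExchangeServer -Identity $env:COMPUTERNAME).InternetWebProxy
if ($proxy) { "InternetWebProxy : $proxy" } else { "InternetWebProxy : <not set>" }

# 2. Firewall: can the server open TCP 443 to the host without a proxy?
$tcp = Test-NetConnection -ComputerName $target -Port 443 -WarningAction SilentlyContinue
"Direct TCP 443   : $($tcp.TcpTestSucceeded)"

# 3. Schannel client protocol settings in the registry
$base = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'
foreach ($proto in 'TLS 1.0', 'TLS 1.1', 'TLS 1.2') {
    $v = Get-ItemProperty -Path (Join-Path $base "$proto\Client") -ErrorAction SilentlyContinue
    $state = if (-not $v) { 'no values set (operating system default applies)' }
        elseif ($null -ne $v.Enabled -and $v.Enabled -eq 0) { 'disabled (Enabled = 0)' }
        elseif ($v.DisabledByDefault -eq 1) { 'enabled, not offered by default (DisabledByDefault = 1)' }
        else { 'enabled' }
    "{0} client   : {1}" -f $proto, $state
}

# 4. TLS handshake with this machine's default client protocols.
#    Only meaningful when a direct connection is possible (step 2 succeeded).
if ($tcp.TcpTestSucceeded) {
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $client.Connect($target, 443)
        $ssl = New-Object System.Net.Security.SslStream($client.GetStream())
        $ssl.AuthenticateAsClient($target)
        "Negotiated       : $($ssl.SslProtocol)"
    } catch {
        # A protocol or cipher mismatch surfaces here, as in the event text.
        "Handshake failed : $($_.Exception.GetBaseException().Message)"
    } finally {
        $client.Close()
    }
}
```

If step 1 shows a proxy but step 2 fails, that is expected on a server that may only reach the Internet through the proxy; step 4 is then skipped.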

If you do not want the Exchange Server to communicate directly with the Internet and contact the Microsoft URL, you can at least reduce the number of error messages. To do this, the interval of the checks can be increased to one day. To change the interval, one line must be added to each of the following two files:

The following line must be inserted between and in each of these files:

<add key="KillBitRefreshTimeInSeconds" value="86400" />

Note: Make sure the quotation marks are plain straight quotes ("), not typographic ones, see screenshot.

In case anyone is wondering what the Exchange Server is trying to download or retrieve at the URL given in the error message:

Exchange tries to download the current list of killbits from this URL. This is a security feature that was already introduced with Exchange 2013. Detailed information about the killbits can be found here:
