MSExchangeApplicationLogic – The underlying connection was closed

You might see the following error in the Windows Application Event Log:

  • Source: MSExchangeApplicationLogic
  • Event ID: 3018
  • Level: Error
The request failed. Mailbox:  
Url: Exception: System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. 
---> System.IO.IOException: Unable to read data from the transport connection:    An existing connection was forcibly closed by the remote host. 
---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host   
at System.Net.Sockets.Socket.EndReceive(IAsyncResult asyncResult)   
at System.Net.Sockets.NetworkStream.EndRead(IAsyncResult asyncResult)   
--- End of inner exception stack trace ---   
at System.Net.TlsStream.EndWrite(IAsyncResult asyncResult)   
at System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar)   
--- End of inner exception stack trace ---   
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)   
at Microsoft.Exchange.Data.ApplicationLogic.Extension.BaseAsyncOmexCommand.<>c__DisplayClass18_0.b__0()
Screenshot - Event log MSExchangeApplicationLogic Event ID 3018

The request is successful when you try to connect to the URL provided in the error details using a browser on the Exchange server. 


You can verify the issue by trying to access the URL using the PowerShell Invoke-WebRequest cmdlet. Open a new PowerShell session and try connecting to the URL.

$uri=''Invoke-WebRequest -Uri $uri

You will receive the same error message as stated in the event log by MSExchangeApplicationLogic. A successful connection returns XML as content.

The reason for this error is related to the .NET Framework TLS configuration, not Exchange Server. The .NET Framework lacks configuration for the use of TLS 1.2.


The solution for this issue is to configure the .NET Framework to correctly use TLS 1.2. You can follow the description for TLS 1.2 enforcement for Azure AD Connect, or you can simply use this Gist

Due to the changes made to the SCHANNEL configuration you just restart the computer to bring the changes into effect.


Changing the TLS settings does not only affect outgoing connections but incoming connections as well.

Test the TLS changes in a test environment before adjusting your servers in the production environment. If you have not already enabled TLS 1.2 for your Exchange Servers, I recommend reading the 3-part series by the Exchange product group.


Enjoy Exchange Server! 

%d Bloggern gefällt das: