The following error can be seen in the Active Roles Sync Capture Agent log if TLS is not enabled:
save error for link ReplicationGroup=c9da63b5-f234-4edb-95fe-3e3096b8673d, URL=net.tcp://server.domain.local/ActiveRoles.SyncService.Server/PasswordService. Details: Can't process link to 'net.tcp://server.domain.com/ActiveRoles.SyncService.Server/PasswordService': The caller was not authenticated by the service.
The request for security token could not be satisfied because authentication failed. ActiveRoles.SyncService.CaptureAgentService.SettingsManager.SaveLinkError
Sync Service Version 7.3.3 and earlier
Sync Service Version 7.4 and later
Prior to the Active Roles 7.4 release, Enhancement Request number 127770 was submitted to provide support for TLS 1.1 and 1.2 in Active Roles. This request has been implemented as of the Active Roles 7.4 release.
For details on TLS support in the core Active Roles product, see KB 238600