@Safiyullah S A Thanks for posting your query on Microsoft Q&A.
In addition to the answer provided by Dillon on how to check for the TLS version for your Azure services (by checking 'Configuration'), you can go through these documents on
We recommend the following steps as you prepare to migrate your clients to TLS 1.2:
-Update your operating system to the latest version.
-Update your development libraries and frameworks to their latest versions. For example, Python 3.8 supports TLS 1.2.
-Fix hardcoded instances of security protocols older than TLS 1.2.
-Notify your customers and partners of your product or service's migration to TLS 1.2.
-For more detailed guidance, see the checklist to deprecate older TLS versions in your environment.
Q: If I didn't do the update by end of Oct 31st. What will be the worst-case scenario?
On Nov 1, 2024, Azure Blob Storage will stop supporting versions 1.0 and 1.1 of Transport Layer Security (TLS). TLS 1.2 will become the new minimum TLS version. This change impacts all existing and new blob storage accounts, using TLS 1.0 and 1.1 in all clouds. Storage accounts already using TLS 1.2 aren't impacted by this change.
To avoid disruptions to applications that connect to your storage account, you must ensure that your account requires clients to send and receive data by using TLS 1.2 and remove dependencies on TLS version 1.0 and 1.1. We're recommending that customers secure their infrastructure by using TLS 1.2 with Azure Storage. The older TLS versions (1.0 and 1.1) are being deprecated and removed to meet evolving technology and regulatory standards (FedRamp, NIST), and provide improved security for our customers.
TLS 1.2 is more secure and faster than TLS 1.0 and 1.1, which don't support modern cryptographic algorithms and cipher suites.
Q: How can I identify that my end client is using which TLS version connecting to my storage account? Is there any Kusto Query or using Resource Graph Explorer?
You can enforce a minimum required version of Transport Layer Security (TLS) for requests to your storage account.
Navigate to your storage account in the Azure portal.
Here is a sample query to determine which clients made requests with a version of TLS older than TLS 1.2 over the past seven days:
https://stackoverflow.com/questions/78069466/how-to-determine-incoming-tls-version-for-azure-storage
You can modify it as per your use case.
Hope that helps.
If you have questions, please let me know in the "comments" and we would be happy to help you. Comment is the fastest way of notifying the experts.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 98%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKM%3C/text%3E%3C/svg%3E)