TLS 1.0 deprecation impact on existing azure resources

Question

Hi,

As per the notification that the TLS 1.0 will be deprecated on 31 Oct 2024 (https://azure.microsoft.com/en-in/updates/azure-support-tls-will-end-by-31-october-2024-2/) what will be the impact on existing azure services if the minimum TLS is configured as TLS1.0 and the client (PowerShell) accessing the resources has TLS 1.2.?

Also for new resources, will the resources will get created with minimum TLS 1.2 by default or do we need to adjust the code to enforce the minimum TLS1.2.

Answer 1

Hi rahul parate - Thanks for reaching out on Q&A Forum.

Yes, the TLS1.0 will be deprecated, and client should tend to make use of TLS1.2. In case the client try to connect over lower TLS than set as minimum TLS version, the call shall tend to fail. Hence it is important to plan, test and move to TLS1.2. in order to avoid any impact to the application.

For the 2nd ask, it depends on how the resource is being created and what is being set as min TLS version. e.g. When you create a storage account with the Azure portal, the minimum TLS version is set to 1.2 by default. When you create a storage account with PowerShell, Azure CLI, or an Azure Resource Manager template, the MinimumTlsVersion property is not set by default and does not return a value until you explicitly set it.

https://learn.microsoft.com/en-us/azure/storage/common/transport-layer-security-configure-minimum-version?tabs=portal

The behavior on how the configuration will be there post it is completely deprecated might take some time.

For now, you can check for configuring the minTLS version as TLS1.2 and perform the testing to ensure you are good from the application standpoint.

Hope that helps!

Please let me know if there are any further queries/concerns, will be glad to assist.

---

Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.