Share via

Azure support for TLS 1.0 and TLS 1.1 will end by 31 October 2024

Jewell, Gary 10 Reputation points
2024-09-05T19:21:49.4033333+00:00

I have an Azure App Gateway that requires TLS 1.0 to be enabled for legacy applications, will client apps be able to connect to the App Gateway after 10/31/24? Does this scenario apply to Azure web apps, where the legacy client is connecting with TLS 1.0?

Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,762 questions
Azure Application Gateway
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
1,213 questions
Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
8,930 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Abiola Akinbade 29,405 Reputation points Volunteer Moderator
    2024-09-05T20:05:02.4833333+00:00

    Yes it applies to web apps. After this date, these versions will be out of support and possibly unable to connect, including for Azure Application Gateway and Azure App Services.

    If your legacy applications require TLS 1.0, they will no longer be able out of support after the deadline. To maintain connectivity, you will need to upgrade your applications to support TLS 1.2 or higher.

    To avoid potential service disruptions, confirm that your resources that interact with services are using TLS 1.2 or later. Then:

    • If they're already exclusively using TLS 1.2 or later, you don't need to take further action.
    • If they still have a dependency on TLS 1.0 or 1.1, transition them to TLS 1.2 or later by October 31, 2024.

    See: https://learn.microsoft.com/en-us/lifecycle/announcements/tls-support-ending-10-31-2024?source=recommendations

    You can mark it 'Accept Answer' and 'Upvote' if this helped you

    Regards,

    Abiola

  2. ChaitanyaNaykodi-MSFT 27,471 Reputation points Microsoft Employee Moderator
    2024-09-26T22:18:39.19+00:00

    @Jewell, Gary

    Thank you for reaching out.

    I understand you wish to know how end of TLS 1.0/1.1 support affect Application Gateway to Backend Communication.

    There was an announcement posted today regarding this here

    https://azure.microsoft.com/en-us/updates/v2/Azure-Application-Gateway-support-for-TLS-10-and-TLS-11-will-end-by-31-August-2025

    Application Gateway will end the support for TLS 1.0 and 1.1 by 31 August 2025. We suggest you utilize this extended period to upgrade your client apps to allow seamless transition to TLS 1.2 or above. Please note, this TLS versions deprecation will apply to both frontend and backend connections.

     

    For frontend connections, you can update the TLS policy for your Application Gateway resources after you've upgraded the clients to support the higher versions. https://learn.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview

     

    For backend connections, we advise you to check if all backend servers can negotiate over TLS 1.2 or higher. For this, you need not make any changes to Application Gateway resource but please ensure the backend servers are ready by 31 August 2025, when these versions will be deprecated.

    Hope this Helps! Please let me know if you have any questions. Thank you!

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.