Share via

Azure support for TLS 1.0 and TLS 1.1 will end by 31 October 2024

Jewell, Gary 5 Reputation points
2024-09-05T19:21:49.4033333+00:00

I have an Azure App Gateway that requires TLS 1.0 to be enabled for legacy applications, will client apps be able to connect to the App Gateway after 10/31/24? Does this scenario apply to Azure web apps, where the legacy client is connecting with TLS 1.0?

Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,472 questions
Azure Application Gateway
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
1,076 questions
Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
7,807 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. akinbade abiola 17,290 Reputation points
    2024-09-05T20:05:02.4833333+00:00

    Yes it applies to web apps. After this date, these versions will be out of support and possibly unable to connect, including for Azure Application Gateway and Azure App Services.

    If your legacy applications require TLS 1.0, they will no longer be able out of support after the deadline. To maintain connectivity, you will need to upgrade your applications to support TLS 1.2 or higher.

    To avoid potential service disruptions, confirm that your resources that interact with services are using TLS 1.2 or later. Then:

    • If they're already exclusively using TLS 1.2 or later, you don't need to take further action.
    • If they still have a dependency on TLS 1.0 or 1.1, transition them to TLS 1.2 or later by October 31, 2024.

    See: https://learn.microsoft.com/en-us/lifecycle/announcements/tls-support-ending-10-31-2024?source=recommendations

    You can mark it 'Accept Answer' and 'Upvote' if this helped you

    Regards,

    Abiola

  2. ChaitanyaNaykodi-MSFT 26,201 Reputation points Microsoft Employee
    2024-09-26T22:18:39.19+00:00

    @Jewell, Gary

    Thank you for reaching out.

    I understand you wish to know how end of TLS 1.0/1.1 support affect Application Gateway to Backend Communication.

    There was an announcement posted today regarding this here

    https://azure.microsoft.com/en-us/updates/v2/Azure-Application-Gateway-support-for-TLS-10-and-TLS-11-will-end-by-31-August-2025

    • To align with Azure's ongoing security enhancements, all connections to Application Gateway must use Transport Layer Security (TLS) 1.2 or later, as support for TLS 1.0 and 1.1 on Azure Application Gateway will be discontinued starting 31 August 2025.

    Backend connection - After 31 August 2025, the connections to backend servers will always be on minimum TLS 1.2 and up to TLS 1.3. You need not configure anything on your Application Gateway for the backend connection's TLS version. However, you must ensure that your servers in the backend pools are compatible with these updated protocol versions. This will avoid any disruptions when establishing a TLS/HTTPS connection with those backend servers.

    Hope this Helps! Please let me know if you have any questions. Thank you!

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.