This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 23%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGS%3C/text%3E%3C/svg%3E)
With Azure requiring TLS 1.2 or later as of Oct 31, I am wondering if there is an easy way to determine whether my applications (written in .NET using Framework 4.7) that communicate with SQL Server in Azure are already using TLS 1.2? I'd hate for my customers to get impacted on November 1, so I'd like to 100% confirm this prior to then. For example, ideally, on a weekend (when users are not using my software) between now and October 31 it would be great if the requirement for TLS 1.2 could be enforced for a short period of time in my Azure SQL Server so I can find out. Is this possible? Any other suggestions?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 61%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
you can just configure the min TLS version on Azure SQL Server and test.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 94%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EIX%3C/text%3E%3C/svg%3E)
Hi Glenn,
Thanks for your post. To determine the incoming TLS version for Azure Storage, you can enable logging for your Azure Storage account and analyze the logs after an interval of time to detect what versions of TLS client applications are using and you can use this MS-Document to monitor the storage.
Here is a sample query to determine which clients made requests with a version of TLS older than TLS 1.2 over the past seven days:
Query:
StorageBlobLogs
| where AccountName == "<your-storage account-name>" and TlsVersion != "TLS 1.2"
| project TlsVersion, CallerIpAddress, UserAgentHeader
Reference: tls1.2 - How to determine incoming TLS version for Azure Storage - Stack Overflow
Note: This is a non-Microsoft website. The page appears to be providing accurate, safe information. Watch out for ads on the site that may advertise products frequently classified as a PUP (Potentially Unwanted Products). Thoroughly research any product advertised on the site before you decide to download and install it. Hope this helps.
Best Regards,
Ian Xue
If the Answer is helpful, please click "Accept Answer" and upvote it.