Share via

TLS impact on VMs with unmanaged disks on storage accounts and ?

Ramona Istrate 40 Reputation points
2024-09-27T10:37:38.3366667+00:00

I have the following situations regarding the TLS version on storage accounts.

First, there are two 2012 Exchange VMs on our Azure environment with unmanaged disks. The disks are located in a blob on a storage account that has TLS version 1.0. We want to upgrade to TLS version 1.2, and I would like to know if there is any impact on the VMs when we migrate to TLS 1.2 that storage account containing the unmanaged disks (I would like to mention that one of the VMs has an application installed that works on TLS 1.0, but it is not dependent on the storage account).

The second situation is with AVDs in the Azure environment . In a storage account with TLS 1.0, we have a file share for FSLogix where profiles are saved. Similarly, I would like to know if there is any impact when we migrate that storage account to TLS version 1.2, will the users encounter any disruptions, or this will affect the AVDs?

Thank you

Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
3,183 questions
0 comments
Accepted answer
  1. Keshavulu Dasari 765 Reputation points Microsoft Vendor
    2024-09-27T12:52:22.5766667+00:00

    Hi @Ramona Istrate ,
    Welcome to Microsoft Q&A Forum, Thank you for posting your query here!

    Upgrading a storage account from TLS 1.0 to TLS 1.2 should not directly affect VMs with unmanaged disks. The VMs themselves do not rely on the TLS version of the storage account for their operation. You must ensure that any applications or services accessing the storage account are TLS 1.2 compatible. Since you mentioned that one of the VMs has an application that works on TLS 1.0 but does not depend on the storage account, this application should not be affected by the upgrade.

    For more information:
    https://learn.microsoft.com/en-us/azure/storage/common/transport-layer-security-configure-migrate-to-tls2

    For the Azure Virtual Desktops (AVDs) using FSLogix profiles stored in a file share on a storage account with TLS 1.0, upgrading to TLS 1.2 should also not cause disruptions if all client applications and services accessing the storage account are configured to use TLS 1.2. It’s crucial to ensure that the FSLogix clients and any other services interacting with the file share are updated to support TLS 1.2 to avoid any connectivity issues.
    *Test in a Staging Environment before making changes in production, test the upgrade in a staging environment to identify any potential issues.
    *Update Clients and Services ensure all clients, applications, and services accessing the storage accounts are configured to use TLS 1.2.

    Please let us know if you have any further queries. I’m happy to assist you further.

    Please 'Upvote'(Thumbs-up) and 'Accept' as an answer if the reply was helpful. This will also help us close this thread and acknowledge the time spent by community volunteers like us.

    1 person found this answer helpful.
    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Ramona Istrate 40 Reputation points
    2024-09-27T14:02:42.88+00:00

    Thank you for your answer, it's clear now.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.