[German]Briefreminder for administrators – who certainly have the topic on their agenda: Microsoft will end support for TLS 1.0 and 1.1 in Azure on October 31, 2024.
TLS 1.0 und 1.1 sind veraltet
Transport Layer Security (TLS) is the most common internet protocol for setting up an encrypted communication channel between a client and a server. However, for historical reasons, there are different variants TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3. The outdated variants TLS 1.0 and TLS 1.1 are now a problem.
The old TLS 1.0 protocol dates back to 1999 and can no longer be classified as secure, as several security vulnerabilities have been found in this protocol version over time. The "newer" TLS 1.1 was released in 2006 and brought some security improvements. However, TLS 1.1 was never widely accepted.
In the meantime, TLS 1.2 and TLS 1.3 have been introduced and are widely used. TLS implementations attempt to negotiate connections with the highest available protocol version. However, there are fallback mechanisms if the communication partners do not support a protocol.
Microsoft ends TLS 1.0/1.1 support
In view of this problem, Microsoft announced some time ago that support for TLS 1.0/1.1 would soon end. For example, in the blog post Windows: Microsoft reminds of coming TLS 1.0/1.1 deactivation in September 2023, I reported that support will be discontinued in new Windows versions.
- Microsoft will disable TLS versions 1.0 and 1.1 by default in future versions of Windows. This change will only apply to future new Windows operating systems, for both client and server editions.
- Windows versions that have already been released are not affected by this change.
- In the Windows 11 Insider Preview builds that will be released in September 2023, TLS versions 1.0 and 1.1 will be disabled by default.
But this article is about Microsoft Azure services, which are only now being affected. I came across the topic of TLS 1.0/TLS 1.1 deactivation for Azure again in the following tweet. On October 31, 2024, Microsoft will deactivate these protocols in Microsoft Azure – connections must then be secured with TLS 1.2.
However, the above tweet is not very specific. Specifically, the deactivation of TLS 1.0/1.1 on October 31, 2024 refers to Microsoft Azure services. Microsoft published the support article Support for TLS 1.0 and TLS 1.1 will end by October 31, 2024 in spring 2024.
For administrators, the only question that's relevant: Are there still devices or clients that communicate with Microsoft Azure services and only support TLS 1.0 / 1.1? If this is the case, these devices or clients will then stop working.