Ultima’s IA-Connect solution adds Parallels support
20/02/2025
Microsoft awards Ultima as an Azure Expert MSP
21/03/2025
For end-to-end communication, encryption is essential for your data integrity, privacy and security. Transport layer security (TLS) is the current main encryption mechanism used by vendors and systems worldwide to perfom this function – and you may know this by its legacy name of secure socket layer (SSL).
SSL is used everywhere when we talk about security in transit, including in web browsers and certificates, but in reality TLS replaced SSL a long time ago in the early 2000s. The name however is so synonymous with the general public it has stuck around.
TLS though is also going through a transformation of its own, mainly due to mitigations of potential risks and exploitation of earlier versions. However TLS has been around for so long and used in so many technologies, it has been difficult to force newer versions.
Currently TLS v1.3 is the latest available iteration, but v1.2 is also supported and currently not marked for deprecation.
Microsoft, along with other vendors, have been pushing through over the last few years to finally remove older versions of TLS, specifically V1.0 and 1.1.
Therefore, for Azure services, you would have likely started to see alerts for sub-services to make sure that you are ready for this deprecation, both as part of the underlying configuration, but most importantly if you are interacting with any of these services through programmatic means.
Currently Microsoft are on track to complete disable anything using TLS v1.0 and 1.1 by 31st August 2025, however this drive has been happening bit by bit since July 2024, and Microsoft will continue to disable sub services at different times in the lead up to this date.
https://learn.microsoft.com/en-us/lifecycle/announcements/tls-support-ending-10-31-2024
Therefore, it is imperative that you prepare your Azure services and external applications in use to make sure that you are operating on TLS v1.2 or higher.
The following sub services are currently about to be impacted by this change specifically:
Azure HDInsight clusters – March 2025 https://azure.microsoft.com/en-us/updates?id=478939
Azure Resource Manager (API access) – March 2025 https://azure.microsoft.com/en-us/updates?id=migrating-to-tls-12-with-deprecation-of-outdated-security-protocols
Azure Automation (interacting with resources) – March 2025 https://azure.microsoft.com/en-us/updates?id=477729
Azure Event Grid – March 2025 https://azure.microsoft.com/en-us/updates?id=tls-changes-for-azure-event-grid
Application Insights Tests – May 2025 https://azure.microsoft.com/en-us/updates?id=467600
Application Gateway – August 2025 https://azure.microsoft.com/en-us/updates?id=azure-application-gateway-support-for-tls-10-and-tls-11-will-end-by-31-august-2025
Then on August 31st and beyond, anything programmatically relying on TLS v1.0/1.1 will cease to function.
It’s critical that you prepare and check these resources and their configuration, but most importantly that you prepare any programmatic services you might be running yourself to make sure they are also not using this outdated version of TLS.
At Ultima, we do our best to keep our customers up-to-date as things evolve and change.
If you’d like more information or advice on these changes please feel free to contact us or your account manager where our in-house cloud professional services team can assist in minimising any impact and keep your Azure environment running smoothly.
