MC258228 – Note: If you have already transitioned to TLS 1.2, you can safely disregard this message.
As previously announced Microsoft will soon begin to retire support for following protocols and ciphers, in Azure Active Directory:
- TLS 1.1, TLS 1.0 , 3DES cipher suite (TLS_RSA_WITH_3DES_EDE_CBC_SHA)
These protocols and ciphers are being retired to improve security when users/services interact with Microsoft’s cloud services.
Multiple announcements have been made via public articles “What’s new in Azure Active Directory?” (Oct 2020, Nov 2020), emails to Azure subscription owners and Message center posts. This is a final reminder.
- TLS 1.0, 1.1 and 3DES cipher suite in U.S. government instances starting on March 31, 2021 – on going in phases.
- TLS 1.0, 1.1 and 3DES cipher suite in public instances starting June 30, 2021.
How this will affect your organization:
Applications that are communicating with or authenticating against Azure Active Directory, may not work as expected if they are NOT able to use TLS 1.2 to communicate.
What you need to do to prepare:
Use TLS 1.2 and modern cipher suites on client/server applications/OS, communicating with Azure Active Directory, for Azure workloads or Microsoft 365 services.
For more information/guidance related to this retirement, please refer to:
- Enable support for TLS 1.2 in your environment, in preparation for upcoming Azure AD TLS 1.0/1.1 deprecation – Active Directory | Microsoft Docs