Forum Discussion
Looking for a solution - My API clients will be impacted due to Azure TLS 1.0, 1.1 retirement
Microsoft Azure has announced TLS 1.0, 1.1 will be retired by 31-Oct-2024. My clients and devices are making calls through TLS 1.0, 1.1 to my API cloud services / App services. Unfortunately, my devices cannot be upgraded to make calls with TLS 1.2. Considering this situation, how my client devices will continue to work post 31-Oct-2024? It would be great if anyone is experiencing this situation and found any solutions.
3 Replies
If your devices only support TLS 1.0 or 1.1, they will not be able to connect to Azure after the retirement date because Azure will require TLS 1.2 or higher. There is no option to keep the older protocols enabled.
The only practical solution is to place a proxy or gateway between your devices and Azure. The proxy can accept the older TLS version and then forward the request to Azure using TLS 1.2. Many people use a simple Nginx or similar reverse proxy for this. It is the only way to keep older hardware working if the devices cannot be updated.
If your devices only support TLS 1.0 or 1.1, they will not be able to connect to Azure after the retirement date because Azure will require TLS 1.2 or higher. There is no option to keep the older protocols enabled.
The only practical solution is to place a proxy or gateway between your devices and Azure. The proxy can accept the older TLS version and then forward the request to Azure using TLS 1.2. Many people use a simple Nginx or similar reverse proxy for this. It is the only way to keep older hardware working if the devices cannot be updated.
After 31-Oct-2024, Azure will no longer accept TLS 1.0 or 1.1 connections. If your devices cannot be upgraded to support TLS 1.2, they will not be able to connect directly to Azure App Services or API endpoints. The only way forward is to introduce a compatibility layer or proxy that can accept TLS 1.0/1.1 from your devices and then forward traffic to Azure using TLS 1.2+.
