ADX enforcement of TLS 1.2 version

Published 11-11-2019 12:21 PM 1,625 Views
Microsoft

Change details

We are continuously updating our service to ensure security is in line with organization recommendations and company requirements. As part of the Microsoft-wide “TLS 1.2 everywhere” initiative, Azure Data Explorer will stop accepting requests made using Transport Layer Security (TLS) 1.1 or older and will require TLS 1.2.

This will affect all Azure Data Explorer APIs, including Azure Resource Manager APIs (i.e. APIs used to create Azure Data Explorer clusters and databases).

Impacted scenarios 

This will affect all applications, clients, and code that use Azure Data Explorer APIs with older TLS versions.

Required change

To avoid any service interruptions, please ensure that requests issued to Azure Data Explorer use at least TLS 1.2. 

For solving TLS 1.0 issues and more instructions please use the following links:

https://docs.microsoft.com/en-us/security/solving-tls1-problem

https://support.microsoft.com/en-us/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-default-sec...

Schedule & plan 

TLS 1.2 enforcement roll-out - January 10, 2019

%3CLINGO-SUB%20id%3D%22lingo-sub-1000534%22%20slang%3D%22en-US%22%3EADX%20enforcement%20of%20TLS%201.2%20version%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1000534%22%20slang%3D%22en-US%22%3E%3CH2%20id%3D%22toc-hId--1445090633%22%20id%3D%22toc-hId--1445090633%22%3EChange%20details%3C%2FH2%3E%0A%3CP%20class%3D%22Body%22%3E%3CSPAN%20class%3D%22normaltextrun%22%3EWe%20are%20continuously%20updating%20our%20service%20to%20ensure%20security%20is%20in%20line%20with%20organization%20recommendations%20and%20company%20requirements.%20As%20part%20of%20the%20Microsoft-wide%20%E2%80%9CTLS%201.2%20everywhere%E2%80%9D%20initiative%2C%20Azure%20Data%20Explorer%20will%20stop%20accepting%20requests%20made%20using%20Transport%20Layer%20Security%20(TLS)%201.1%20or%20older%20and%20will%20require%20TLS%201.2.%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%20class%3D%22Body%22%3E%3CSPAN%20class%3D%22normaltextrun%22%3EThis%20will%20affect%20all%20Azure%20Data%20Explorer%20APIs%2C%20including%20Azure%20Resource%20Manager%20APIs%20(i.e.%20APIs%20used%20to%20create%20Azure%20Data%20Explorer%20clusters%20and%20databases).%3C%2FSPAN%3E%3C%2FP%3E%0A%3CH2%20id%3D%22toc-hId-1042422200%22%20id%3D%22toc-hId-1042422200%22%3EImpacted%20scenarios%26nbsp%3B%3C%2FH2%3E%0A%3CP%20class%3D%22Body%22%3E%3CSPAN%20class%3D%22normaltextrun%22%3EThis%20will%20affect%20all%20applications%2C%20clients%2C%20and%20code%20that%20use%20Azure%20Data%20Explorer%20APIs%20with%20older%20TLS%20versions.%3C%2FSPAN%3E%3C%2FP%3E%0A%3CH2%20id%3D%22toc-hId--765032263%22%20id%3D%22toc-hId--765032263%22%3ERequired%20change%3C%2FH2%3E%0A%3CP%20class%3D%22Body%22%3E%3CSPAN%20class%3D%22normaltextrun%22%3ETo%20avoid%20any%20service%20interruptions%2C%20please%20ensure%20that%20requests%20issued%20to%20Azure%20Data%20Explorer%20use%20at%20least%20TLS%201.2.%26nbsp%3B%20%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%20class%3D%22Body%22%3E%3CSPAN%20class%3D%22normaltextrun%22%3EFor%20solving%20TLS%201.0%20issues%20and%20more%20instructions%20please%20use%20the%20following%20links%3A%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%20class%3D%22Body%22%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsecurity%2Fsolving-tls1-problem%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsecurity%2Fsolving-tls1-problem%3C%2FA%3E%3C%2FP%3E%0A%3CP%20class%3D%22Body%22%3E%3CA%20href%3D%22https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Fhelp%2F3140245%2Fupdate-to-enable-tls-1-1-and-tls-1-2-as-default-secure-protocols-in-wi%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Fhelp%2F3140245%2Fupdate-to-enable-tls-1-1-and-tls-1-2-as-default-secure-protocols-in-wi%3C%2FA%3E%3C%2FP%3E%0A%3CH2%20id%3D%22toc-hId-1722480570%22%20id%3D%22toc-hId-1722480570%22%3ESchedule%20%26amp%3B%20plan%26nbsp%3B%3C%2FH2%3E%0A%3CP%20class%3D%22Body%22%3E%3CSPAN%20class%3D%22normaltextrun%22%3ETLS%201.2%20enforcement%20roll-out%20-%20January%2010%2C%202019%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-1000534%22%20slang%3D%22en-US%22%3E%3CP%20class%3D%22Body%22%3E%3CSPAN%20class%3D%22normaltextrun%22%3EWe%20are%20continuously%20updating%20our%20service%20to%20ensure%20security%20is%20in%20line%20with%20organization%20recommendations%20and%20company%20requirements.%20As%20part%20of%20the%20Microsoft-wide%20%E2%80%9CTLS%201.2%20everywhere%E2%80%9D%20initiative%2C%20Azure%20Data%20Explorer%20will%20stop%20accepting%20requests%20made%20using%20Transport%20Layer%20Security%20(TLS)%201.1%20or%20older%20and%20will%20require%20TLS%201.2.%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1000534%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20Data%20Explorer%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Ekql%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EKusto%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Version history
Last update:
‎Nov 11 2019 12:21 PM
Updated by: