You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/application-gateway/application-gateway-tls-version-retirement.md
+21-2Lines changed: 21 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,7 +5,7 @@ services: application gateway
5
5
author: jaesoni
6
6
ms.service: azure-application-gateway
7
7
ms.topic: concept-article
8
-
ms.date: 05/15/2025
8
+
ms.date: 07/18/2025
9
9
ms.author: mbender
10
10
ms.custom:
11
11
- build-2025
@@ -84,7 +84,26 @@ You don't need to configure anything on your Application Gateway for the backend
84
84
* For V2 SKUs: the connections to backend servers will always be with preferred TLS v1.3 and minimum up to TLS v1.2
85
85
* For V1 SKUs: the connections to backend servers will always be with TLS v1.2
86
86
87
-
You must ensure that your servers in the backend pools are compatible with these updated protocol versions. This compatibility avoids any disruptions when establishing a TLS/HTTPS connection with those backend servers.
87
+
You must ensure that your servers in the backend pools are compatible with these updated protocol versions. This compatibility avoids any disruptions when establishing an TLS/HTTPS connection with those backend servers.
88
+
89
+
## Identification methods
90
+
91
+
### Metrics
92
+
To determine whether clients connecting to your Application Gateway resource are utilizing TLS 1.0 or 1.1, use the `Client TLS protocol` metric provided by Application Gateway. For more information, see the [metrics documentation](monitor-application-gateway-reference.md#metrics). You can view it from the Portal by following these steps.
93
+
94
+
1. Go to the Application Gateway resource in the Azure portal.
95
+
2. In the left menu pane, open the "Metrics" blade in Monitoring section.
96
+
3. Select metric as `Client TLS protocol` from the dropdown.
97
+
4. To view granular protocol version information, select "Apply splitting" and choose "TLS protocol".
98
+
99
+
[](media/application-gateway-tls-version-retirement/metric-tls-version.png#lightbox)
100
+
101
+
### Logs
102
+
You can also check the [Application Gateway Access logs](monitor-application-gateway-reference.md#access-log-category) to view this information in log format.
103
+
104
+
### Error information
105
+
Once support for TLS versions 1.0 and 1.1 is discontinued, clients may encounter errors such as `curl: (35) error:0A000410:SSL routines::sslv3 alert handshake failure`. Depending on the browser being used, various messages indicating TLS handshake failures may be displayed.
0 commit comments