You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/azure-cache-for-redis/cache-remove-tls-10-11.md
+11-2Lines changed: 11 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -16,8 +16,8 @@ There's an industry-wide push toward the exclusive use of Transport Layer Securi
16
16
17
17
As a part of this effort, we'll be making the following changes to Azure Cache for Redis:
18
18
19
-
*Starting on January 13, 2020 we will configure the default minimum TLS version to be 1.2 for newly created cache instances. Existing cache instances won't be updated at this point. You'll be allowed to [change the minimum TLS version](cache-configure.md#access-ports) back to 1.0 or 1.1 for backward compatibility, if needed. This change can be done through the Azure portal or other management APIs.
20
-
*Starting on March 31, 2020 we'll stop supporting TLS versions 1.0 and 1.1. After this change, your application will be required to use TLS 1.2 or later to communicate with your cache.
19
+
***Phase 1:** We'll configure the default minimum TLS version to be 1.2 for newly created cache instances. Existing cache instances won't be updated at this point. You'll be allowed to [change the minimum TLS version](cache-configure.md#access-ports) back to 1.0 or 1.1 for backward compatibility, if needed. This change can be done through the Azure portal or other management APIs.
20
+
***Phase 2:** We'll stop supporting TLS versions 1.0 and 1.1. After this change, your application will be required to use TLS 1.2 or later to communicate with your cache.
21
21
22
22
Additionally, as a part of this change, we'll be removing support for older, insecure cypher suites. Our supported cypher suites will be restricted to the following when the cache is configured with a minimum TLS version of 1.2.
23
23
@@ -26,6 +26,15 @@ Additionally, as a part of this change, we'll be removing support for older, ins
26
26
27
27
This article provides general guidance about how to detect dependencies on these earlier TLS versions and remove them from your application.
28
28
29
+
The dates when these changes take effect are:
30
+
31
+
| Cloud | Phase 1 Start Date | Phase 2 Start Date |
| Azure (global) | January 13, 2020 | March 31, 2020 |
34
+
| Azure Government | March 13, 2020 | May 11, 2020 |
35
+
| Azure Germany | March 13, 2020 | May 11, 2020 |
36
+
| Azure China | March 13, 2020 | May 11, 2020 |
37
+
29
38
## Check whether your application is already compliant
30
39
31
40
The easiest way to find out whether your application will work with TLS 1.2 is to set the **Minimum TLS version** value to TLS 1.2 on a test or staging cache that it uses. The **Minimum TLS version** setting is in the [Advanced settings](cache-configure.md#advanced-settings) of your cache instance in the Azure portal. If the application continues to function as expected after this change, it's probably compliant. You might need to configure some Redis client libraries used by your application specifically to enable TLS 1.2, so they can connect to Azure Cache for Redis over that security protocol.
0 commit comments