Reminder: Azure Active Directory – Enable support for TLS 1.2 protocol to avoid service impact

Note: If you have already transitioned to TLS 1.2, you can safely disregard this message.

As previously announced we will soon begin to retire support for following protocols and ciphers, in Azure Active Directory:

  • TLS 1.1, TLS 1.0 , 3DES cipher suite (TLS_RSA_WITH_3DES_EDE_CBC_SHA)

These protocols and ciphers are being retired to improve security when users/services interact with our cloud services.

Multiple announcements have been made via public articles “What’s new in Azure Active Directory?” (Oct 2020, Nov 2020), emails to Azure subscription owners and Message center posts. This is a final reminder. 

Key points:

  • TLS 1.0, 1.1 and 3DES cipher suite in U.S. government instances starting on March 31, 2021 – on going in phases.
  • TLS 1.0, 1.1 and 3DES cipher suite in public instances starting June 30, 2021.

How this will affect your organization:

Applications that are communicating with or authenticating against Azure Active Directory, may not work as expected if they are NOT able to use TLS 1.2 to communicate.

What you need to do to prepare:

Use TLS 1.2 and modern cipher suites on client/server applications/OS, communicating with Azure Active Directory, for Azure workloads or Microsoft 365 services.

For more information/guidance related to this retirement, please refer to:

If you have any questions or concerns, please contact us.

Message ID: MC258228


No comments yet

Leave a Reply


I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.