Skip to content

Commit 4f26494

Browse files
author
gitName
committed
[APIM] TLS 1.3 in v2
1 parent d2f4e61 commit 4f26494

1 file changed

Lines changed: 3 additions & 6 deletions

File tree

articles/api-management/api-management-howto-manage-protocols-ciphers.md

Lines changed: 3 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ author: dlepow
66

77
ms.service: azure-api-management
88
ms.topic: how-to
9-
ms.date: 08/12/2025
9+
ms.date: 10/08/2025
1010
ms.author: danlep
1111
---
1212

@@ -49,15 +49,12 @@ Depending on the service tier, API Management supports TLS versions up to 1.2 or
4949
> [!NOTE]
5050
> Some protocols or cipher suites (such as backend-side TLS 1.2) can't be enabled or disabled from the Azure portal. Instead, you'll need to apply the REST API call. Use the `properties.customProperties` structure in the [Create/Update API Management Service](/rest/api/apimanagement/current-ga/api-management-service/create-or-update) REST API.
5151
52-
## TLS 1.3 support in classic tiers
52+
## TLS 1.3 support
5353

54-
TLS 1.3 support is available in the API Management classic service tiers (**Consumption**, **Developer**, **Basic**, **Standard**, and **Premium**). In most instances created in those service tiers, TLS 1.3 is permanently enabled by default for client-side connections. Enabling backend-side TLS 1.3 is optional. TLS 1.2 is also enabled by default on both client and backend sides.
54+
TLS 1.3 support is available in all API Management service tiers. In most instances created in those service tiers, TLS 1.3 is permanently enabled by default for client-side connections. Enabling backend-side TLS 1.3 is optional. TLS 1.2 is also enabled by default on both client and backend sides.
5555

5656
TLS 1.3 is a major revision of the TLS protocol that provides improved security and performance. It includes features such as reduced handshake latency and improved security against certain types of attacks.
5757

58-
> [!NOTE]
59-
> The [v2 tiers](v2-service-tiers-overview.md) of API Management and [workspace gateways](workspaces-overview.md) support TLS 1.2 by default for client-side and backend-side connections. They don't currently support TLS 1.3.
60-
6158
### Optionally enable TLS 1.3 when clients require certificate renegotiation
6259

6360
TLS 1.3 doesn't support certificate renegotiation. Certificate renegotiation in TLS allows client and server to renegotiate connection parameters mid-session for authentication without terminating the connection.

0 commit comments

Comments
 (0)