Skip to content

Commit a4b2c09

Browse files
prmerger-automator[bot]prmerger-automator[bot]
authored
Merge pull request #310246 from Harikrishnan-M-B/patch-60
Update TLS policy details in documentation
2 parents 509c659 + f9c06f9 commit a4b2c09

1 file changed

Lines changed: 1 addition & 4 deletions

File tree

articles/frontdoor/standard-premium/tls-policy.md

Lines changed: 1 addition & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -16,9 +16,6 @@ Azure Front Door supports [end-to-end TLS encryption](../end-to-end-tls.md). Whe
1616

1717
Azure Front Door supports two versions of the TLS protocol: TLS versions 1.2 and 1.3. Currently, Azure Front Door doesn't support client/mutual authentication (mTLS).
1818

19-
> [!NOTE]
20-
> As of March 1, 2025, TLS 1.0 and 1.1 minimum version are disallowed on Azure Front Door.
21-
2219
Azure Front Door Standard and Premium offer two mechanisms for controlling TLS policy. You can use either a predefined policy or a custom policy per your own needs. If you use Azure Front Door (classic) and Microsoft CDN (classic), you'll continue to use the minimum TLS 1.2 version.
2320

2421
- Azure Front Door offers several predefined TLS policies. You can configure your AFD with any of these policies to get the appropriate level of security. These predefined policies are configured keeping in mind the best practices and recommendations from the Microsoft Security team. We recommend that you use the newest TLS policies to ensure the best TLS security.
@@ -37,7 +34,7 @@ Azure Front Door offers several predefined TLS policies. You can configure your
3734

3835
The following table shows the list of cipher suites and minimum protocol version support for each predefined policy. The ordering of the cipher suites determines the priority order during TLS negotiation.
3936

40-
By default, TLSv1.2_2023 will be selected. TLSv1.2_2022 maps to the minimum TLS 1.2 version in previous design. Some might see a read-only TLSv1.0/1.1_2019 which maps to the minimum TLS 1.0/1.1 version in previous design, because they don't specifically switch to minimum TLS 1.2 version. The TLSv1.0/1.1_2019 policy for such will be removed and disabled in April 2025.
37+
By default, TLSv1.2_2023 will be selected. TLSv1.2_2022 maps to the minimum TLS 1.2 version in previous design.
4138

4239
| **OpenSSL** | **Cipher** **Suite** | **TLSv1.2_2023** | **TLSv1.2_2022** |
4340
|---|---|---|---|

0 commit comments

Comments
 (0)