Azure Automation TLS 1.2 enforcement begins on 1 September 2020

Published date: 14 May, 2020

From 1 September 2020, Azure Automation will enforce transport layer security (TLS) 1.2 or later versions for all external HTTPS endpoints. We recommend that you ensure that all your clients are ready to handle TLS 1.2 or later versions.

Transport layer security and secure sockets layer (SSL) are cryptographic protocols that provide communications security over a computer network (learn more about TLS). Older versions of TLS/secure sockets layer have been found to be vulnerable and while they still currently work to allow backwards compatibility, they’re not recommended, and the industry is quickly moving to abandon support for these older protocols.

Azure Automation fully supports TLS 1.2 and all client calls (through webhooks, DSC nodes, hybrid worker) where customers are already only using TLS 1.2 and have made a switch to accept TLS 1.2 traffic. TLS 1.1 and TLS 1.0 are still supported for backward compatibility with older clients until 1 September 2020.

Note – TLS 1.2 will be the default security protocol version for Windows 8/Server 2012 or later. No action is required in these cases as you’re already TLS 1.2 compliant (unless TLS 1.2 is explicitly disabled). 


More information

Learn more about preparing for TLS 1.2 in Azure.

Read the documentation.

Read more information in the security blog.

Read this post about updating in Microsoft Support.

  • Security