Saltar al contenido principal


At the end of October, we announced that Azure would begin disabling support for SSL 3.0 starting December 1, 2014 in response to an industry-wide vulnerability in SSL 3.0, commonly known as POODLE. Today, we are providing an update and additional information for customers on upcoming changes.


Completed Services

Azure Websites

SSL 3.0 has been disabled across Azure Websites. This no longer requires customer configuration changes.

Additional Services

Azure engineering teams have disabled SSL 3.0 support on the following services:

  • Azure Portal
  • Azure Preview Portal
  • Azure Service Bus


Pending Services

Azure Cloud Service (Web Roles and Worker Roles)

The January 2015 Guest OS release will have SSL 3.0 disabled by default. This image will start deploying to customers configured for automatic Guest OS updates shortly after January 13, 2015. Customers wishing to enable SSL 3.0 may do so by using startup tasks.


Azure Virtual Machines

Windows Server

Azure Infrastructure as a Service (IaaS) images utilizes standard Windows Server, which means SSL 3.0 will continue to be enabled by default for new deployments. Customers wishing to disable SSL 3.0 in new or existing IaaS deployments may do so by following the guidance in Security Advisory 3009008.



Refer to your Linux distribution’s publisher for more information regarding plans to disable or deprecate SSL 3.0.

Remaining Azure Services

Remaining Azure services will disable support for SSL 3.0 in the coming months.

  • Explore


    Let us know what you think of Azure and what you would like to see in the future.


    Provide feedback

  • Build your cloud computing and Azure skills with free courses by Microsoft Learn.


    Explore Azure learning

Join the conversation

Leave a Reply

Your email address will not be published. Required fields are marked *