You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I see a note was added to the docs under section "Check whether your application is already compliant"
"With your cache open in the portal, select Advanced in the resource menu. If the Minimum TLS version for your cache instance is set to Default, your Minimum TLS version is set to TLS 1.2. TLS 1.2 is the default value that is assigned to your cache instance when no explicit value is chosen."
However I still get an Azure Advisor recommendation "Support for TLS versions 1.0 and 1.1 is retiring on October 31, 2024."
With a recommended action
"Remove the use of TLS 1.0 and 1.1 from Azure Cache for Redis."
That links back to this document.
Does it matter when the Azure Cache for Redis was created, for what "Default" means?
Or does the detection mechanism in the Azure Advisor need updating?
Seems conflicting information on if an action is required to explicitly set the minimum version to 1.2, or if "default" already has this set?
Document Details
⚠ Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.
ID: 3d5e31f8-a816-2b22-96c0-f763fa67f9e6
Version Independent ID: d1ff1bc0-c88e-f51f-c6d8-fb9f9b212b94
Hello @stadion-ianjones
The Azure Advisor recommendation you received is correct. Although the default value for the Minimum TLS version for Azure Cache for Redis is TLS 1.2, it is still recommended to explicitly set the minimum version to 1.2 to ensure that your cache is compliant with the latest security standards.
The note you mentioned in the documentation is correct as well. If the Minimum TLS version for your cache instance is set to Default, your Minimum TLS version is set to TLS 1.2. However, it is still recommended to explicitly set the minimum version to 1.2 to ensure that your cache is compliant with the latest security standards.
Therefore, to comply with the latest security standards, it is recommended to explicitly set the minimum version to 1.2, even if your cache was created with the default value of TLS 1.2.
@stadion-ianjones
We are going to close this thread, if there are any further questions regarding the documentation, please tag me in your reply and we will be happy to continue the conversation.
Minimum TLS version "Default" query.
I see a note was added to the docs under section "Check whether your application is already compliant"
"With your cache open in the portal, select Advanced in the resource menu. If the Minimum TLS version for your cache instance is set to Default, your Minimum TLS version is set to TLS 1.2. TLS 1.2 is the default value that is assigned to your cache instance when no explicit value is chosen."
However I still get an Azure Advisor recommendation "Support for TLS versions 1.0 and 1.1 is retiring on October 31, 2024."
With a recommended action
"Remove the use of TLS 1.0 and 1.1 from Azure Cache for Redis."
That links back to this document.
Does it matter when the Azure Cache for Redis was created, for what "Default" means?
Or does the detection mechanism in the Azure Advisor need updating?
Seems conflicting information on if an action is required to explicitly set the minimum version to 1.2, or if "default" already has this set?
Document Details
⚠ Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.
The text was updated successfully, but these errors were encountered: