To provide the best-in-class encryption to our customers, Microsoft is making updates to the Application Proxy service to limit access to only TLS 1.2 protocols. Based on your organization readiness, changes will be gradually rolled out to organizations who are only using TLS 1.2 protocols and will not see any impact from this change. TLS 1.0 and 1.1 deprecation will complete on August 31, 2019 and Microsoft customers will receive advance notice to prepare for this change.

To prepare for this change make sure that all client-server and browser-server combinations are updated to use TLS 1.2 to maintain connection to Application Proxy service. These include clients your users are using to access applications published through Application Proxy. See Preparing for TLS 1.2 in Office 365 for useful references and resources.

Preparing to use TLS 1.2 in Office 365

This part is the most concerning to be aware of. I have found some organizations do not pay close attention to the various browsers installed in their environment.

As of October 31, 2018, Office 365 will no longer support TLS 1.0 and 1.1. This means that Microsoft will not fix new issues that are found in clients, devices, or services that connect to Office 365 by using TLS 1.0 and 1.1.

This doesn’t mean Office 365 will block TLS 1.0 and 1.1 connections. There is no official date for disabling or removing TLS 1.0 and 1.1 in the TLS service for customer connections. The eventual deprecation date will be determined by customer telemetry and is not yet known. After a decision is made, there will be an announcement six months in advance unless we become aware of a known compromise, in which case we may have to act in less than six months to protect customers who use the services.

You should make sure that all client-server and browser-server combinations use TLS 1.2 (or a later version) to maintain connection to Office 365 services. You may have to update certain client-server and browser-server combinations. 

The following clients are known to be unable to use TLS 1.2. Update your clients to ensure uninterrupted access to the service.

  • Android 4.3 and earlier versions
  • Firefox version 5.0 and earlier versions
  • Internet Explorer 8-10 on Windows 7 and earlier versions
  • Internet Explorer 10 on Win Phone 8.0
  • Safari 6.0.4/OS X10.8.4 and earlier versions

More on this here: Preparing to use TLS 1.2 in Office 365

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.