Azure API Management

Inside scoop from the API Management team

Announcement: Changes to the transport-level security options on instances created prior to October 1, 2015

On December 1, 2016, we will make the following changes affecting gateway-to-backend connectivity on all API Management instances created before October 1, 2015:

– SSL 3.0 will be disabled
– TLS 1.1 and 1.2 will be enabled
– TLS 1.0 will remain enabled

The instances created after October 2015 will not be affected, since they already have this configuration.

These changes may adversely affect connectivity to the backends that support for TLS 1.1 and 1.2 in a non-compliant way. Note that the problem can be caused not by the backend itself but by an intermediary device, such as a load balancer.

You can test your backend by using it with a recently created API Management instance. If this is not feasible or you have questions or concerns, please contact us for assistance.