![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 24%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJM%3C/text%3E%3C/svg%3E)
Azure Database for MySQL
An Azure managed MySQL database service for app development and deployment.
979 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 95%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESD%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 47%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERA%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 4%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Hi johannah Motshwene •,
We are sorry about the inconvenience you are facing.
Azure Database for MySQL Flexible Server supports encrypted connections using Transport Layer Security (TLS 1.2) by default and all incoming connections with TLS 1.0 and TLS 1.1 are denied by default. The encrypted connection enforcement or TLS version configuration on your Flexible Server can be changed as shown below:
| Scenario | Server parameter settings | Description |
|---|---|---|
| Disable SSL enforcement | require_secure_transport = OFF | If your legacy application doesn't support encrypted connections to Azure Database for MySQL Flexible Server, you can disable enforcement of encrypted connections to your Azure Database for MySQL Flexible Server instance by setting require_secure_transport=OFF. |
| Disable SSL enforcement | require_secure_transport = OFF | If your legacy application doesn't support encrypted connections to Azure Database for MySQL Flexible Server, you can disable enforcement of encrypted connections to your Azure Database for MySQL Flexible Server instance by setting require_secure_transport=OFF. |
| Enforce SSL with TLS version < 1.2 (Will be deprecated in September 2024) | require_secure_transport = ON and tls_version = TLS 1.0 or TLS 1.1 | If your legacy application supports encrypted connections but requires TLS version < 1.2, you can enable encrypted connections, but configure your Azure Database for MySQL Flexible Server instance to allow connections with the TLS version (1.0 or 1.1) supported by your application. Supported only with Azure Database for MySQL Flexible Server version v5.7 |
| Enforce SSL with TLS version = 1.2(Default configuration) | require_secure_transport = ON and tls_version = TLS 1.2 | This is the recommended and default configuration for Azure Database for MySQL Flexible Server. |
| Enforce SSL with TLS version = 1.3 | require_secure_transport = ON and tls_version = TLS 1.3 | This is useful and recommended for new applications development. Supported only with Azure Database for MySQL Flexible Server version v8.0 |
Important
According to Removal of Support for the TLS 1.0 and TLS 1.1 Protocols, we previously planned to fully deprecate TLS 1.0 and 1.1 by September 2024. However, due to dependencies identified by some customers, we have decided to extend the timeline.
Starting on August 31, 2025, we will begin the forced upgrade for all servers still using TLS 1.0 or 1.1. After this date, any connections relying on TLS 1.0 or 1.1 may stop working at any time. To avoid potential service disruptions, we strongly recommend that customers complete their migration to TLS 1.2 before August 31, 2025. Beginning in September 2024, new servers will no longer be permitted to use TLS 1.0 or 1.1, and existing servers will not be allowed to downgrade to these versions. We strongly recommend that customers update their applications to support TLS 1.2 as soon as possible to avoid service disruptions. Please refer to below official document for more details:
https://learn.microsoft.com/en-us/azure/mysql/flexible-server/how-to-connect-tls-ssl
Thank you!