NET 4.6 installed.NET 4.7 or higher is a requirement after March 31 st 2022 for connectivity to Azure Devops Services.
To run Windows Server 2012 R2 with Azure Devops Services from March 31 st 2022 there are some requirements listed in Deprecating weak cryptographic standards (TLS 1.0 and 1.1) in Azure DevOps Services. So why was it failing and why did it not fail before? Windows Server 2012 R2 with Azure Devops Services from March 31 st 2022 Now what made it interesting is that this Windows Server 2012R2 had been setup so that it would only support TLS 1.2 some years ago because they has issues with chipper mismatches and SQL Server (see Intermittent TLS issues with Windows Server 2012 R2 connecting to SQL Server 2016 running on Windows Server 2016 or 2019). That’s right, WorkingHardInIT! Sure enough, a quick test (Invoke-WebRequest -Uri -UseBasicParsing).StatusDescription did not return OK. A certain critical on-premises build server shows as off line in Azure and their builds with a dead line of March 25 th were failing. Guess what? On March 24 th I got a call to trouble shoot Azure Devops Services build server issues. To enable customers to detect issues they enabled it already temporarily on March 22 nd ( )and 24 th ( ) form 09:00 to 21:00 UTC.
Offline Azure Devops Windows 2012 R2 build server with failing buildsīut Microsoft, rightly so, must disable TLS 1.0/1.1 and will do so on March 31 st 2022.
This is not a joke but better to laugh than to cry, that place has chased away most good developers long ago and left pretty few willing to fight the good fight as there no reward for doing the right things, quite the opposite.
Why was the build server still running Windows Server 2012 R2? Well in this case the developers won’t allow an upgrade or migration of the server to a newer version because they are scared they won’t be able to get the configuration running again and won’t be able to build their code anymore. So it was in this case, but with a twist.
The biggest reason for these issues are tech debt, i.e. They did disable it finally on November 31 st 2021 ( Deprecating weak cryptographic standards (TLS 1.0 and TLS 1.1) in Azure DevOps)) but on January 31 st 2022 Microsoft had to re-enable it since to many customers ran into issues. Many years after all the talk, hints, tips, hunches and efforts to get rid of it. But hey, here we are, TLS 1.0/1.1 are still working for Azure Devops Services. The out phasing of TLS 1.0/1.1 in favor of TLS 1.2 has been an effort done at snail’s pace. Now this is just my humble opinion, as someone who has been implementing TLS 1.3, QUIC and even SMB over QUIC. While this post is about an Offline Azure Devops Windows 2012 R2 build server with failing builds let me talk about the depreciation of TLS 1.0/1.1.