Frequently asked question

What do I need to know about TLS 1.3 and ArcGIS Enterprise?

Last Published: August 26, 2025
Note:
This article refers to TLS 1.3 and ArcGIS Enterprise. For information pertaining to TLS 1.2 and ArcGIS, refer to FAQ: What do I need to know about TLS 1.2 and ArcGIS.

ArcGIS Enterprise 10.9.x and 11.x natively support TLS 1.3 encryption methods at the GIS tier (everything internal to ArcGIS Enterprise, including ArcGIS Portal, ArcGIS DataStore, and ArcGIS Server). However, there are additional factors to consider before implementing this new standard.

Most organizations use ArcGIS Web Adaptor or a reverse proxy to expose ArcGIS Enterprise on standard HTTP(s) ports. ArcGIS Web Adaptor is available on two platforms: J2EE Server and Microsoft’s Internet Information System (IIS). Customers who leverage J2EE servers as Web Adaptor hosts can implement TLS 1.3. Microsoft's security documentation indicates that support for TLS 1.3 begins at Windows Server 2022. Refer to Microsoft: Protocols in TLS/SSL (Schannel SSP) for more information.

No additional configuration is required at the GIS tier to enable TLS 1.3 support. Customers using IIS will not benefit from TLS 1.3 at versions of Windows prior to Windows Server 2022 and Windows 11. 

TLS 1.2 is still the primary standard in the industry. There is no official word as to when it will be retired.

Article ID: 000025404

Software:
  • Portal for ArcGIS
  • ArcGIS Enterprise
  • ArcGIS Web Adaptor

Receive notifications and find solutions for new or common issues

Get summarized answers and video solutions from our new AI chatbot.

Download the Esri Support App

Related Information

Discover more on this topic

Get help from ArcGIS experts

Contact technical support

Download the Esri Support App

Go to download options