Transport Layer Security (TLS) 1.0 and 1.1 are security protocols for establishing encryption channels over computer networks, ensuring data integrity and privacy. Due to regulatory requirements and security vulnerabilities, Atera will no longer support these deprecated versions starting April 20, 2026.
What's going to happen?
Agents on legacy OSs not supporting TLS 1.2 or higher won't be able to communicate with Atera servers. This means the machines will no longer be monitored and you will not be able to manage them.
Why is this happening now?
As always, your security and privacy are of the utmost importance to us. Our decision to deprecate support for TLS 1.0 and 1.1 is to ensure Atera is as secure as possible. That's the bottom line. As always, we'll continue to follow strict security standards to ensure none of our customers are breached.
Which operating systems won't be supported?
The following OSs do not have any versions that support TLS 1.2 or higher.
- Windows XP
- Windows XP SP3
- Windows Vista
- Windows Server 2003
- MacOS X 10.9 and earlier
This means that from April 20, 2026, any agents on these OSs will no longer be able to communicate with Atera.
Ok, so what can I do about it?
If the device doesn’t support TLS 1.2 or higher, or it’s running .NET Framework earlier than 4.7.2, the best solution is to upgrade to a version that meets these requirements. Microsoft also recommends removing any TLS 1.0 and TLS 1.1 dependencies from your environment and disabling them at the OS level whenever possible.
Check which devices meet the requirements
To check a single device, go to its Agent Console > OS and security tab to see its Agent TLS 1.2 compatibility and .NET Framework version.
Note: For Windows Server 2008 and Windows 7 (including WS2008 R2), TLS 1.2 is disabled by default but can be re-enabled.
You can check TLS 1.2 compatibility and .NET Framework status across multiple devices by going to the Devices page and using advanced filters.
To filter devices that don’t meet the TLS 1.2 and .NET Framework 4.7.2+ requirements:
1. From Devices (on the sidebar), click the Filters pill.
The filters panel appears.
2. Click Advanced filters.
The Advanced filters window appears.
3. Add the TLS filter: Agent TLS 1.2 compatibility, Doesn’t equal, Compatible.
4. Click + Or.
5. Add the .NET filter: .NET Framework version, Doesn’t equal, 4.7.2 or higher.
6. Click Apply.
The Devices page updates showing only devices that are not TLS 1.2 compatible and/or are running .NET Framework lower than 4.7.2 (including unknown values).
Upgrade and remediation options
As part of Atera’s ongoing efforts to support TLS 1.2 communication, Atera may automatically deploy required prerequisites (such as Microsoft .NET Framework 4.7.2) on certain Windows devices where applicable. This helps enable secure communication with Atera’s TLS 1.2 endpoints on operating systems that technically support TLS 1.2 but may not have it fully enabled by default.
This installation is performed silently and is expected behavior. If a reboot is required, it will take effect during the device’s next native reboot.
If you prefer to be proactive, you can manually install .NET Framework 4.7.2 on supported Windows devices to ensure full TLS 1.2 compatibility. This is the same framework version that Atera may deploy automatically when required. For more info, see:
You can also verify the installed .NET Framework version by querying the Windows registry using PowerShell. Microsoft provides an official PowerShell method here:
Finally, make sure the new Atera v2 agent (agent-api-v2.atera.com) is whitelisted in your environment. For more info, see Firewall settings for Atera's integrations
For more information, see:
- Deprecating TLS 1.0 and 1.1 — Internet Engineering Task Force (IETF)
- Supporting TLS on various Microsoft OSs — Microsoft
- UPDATE: Transport Layer Security 1.0 and 1.1 disablement — Microsoft
- TLS security — Apple
