Yet another request to disable TLS 1.0 but was marked completed with reference pointing to ASE.Another request to disable TLS 1.0 as these users are failing Trustwave Vulnerability scan was marked completed when it has not.There was a request on Azure Feedback forum to give users the means to disable TLS 1.0 but it was declined.RC4 has been disabled but there are a few comments requesting for TLS 1.0 to be disabled along.Application Gateway FAQ states that Support for Azure Web Apps is not available today.As at 4th July 2017, below are points that I have found to date: I know I am not alone in facing this issue and I have been Googleing monthly in search for a viable solution. Failure which, switching to a different hosting option has to be considered! Disclaimerīefore jumping to the solution, I need to state that the way I am proposing is considered not supported by Azure. An example of a showstopper is when there is a special need to bring forward disabling of less secure cryptography protocols. Of course it does incur additional cost but this is usually not a showstopper. I like using Platform as a Service (PaaS) because it abstracts the complexities of managing the underlying layer.
This means the workaround described in this post is no longer necessary.
The solution is to use Azure Application Gateway and a custom hostname. Yes it is possible to disable TLS 1.0 and even 1.1 without using App Service Environment (ASE). Published: 4 July 2017 | Last updated: 20 April 2018 | Software
How to disable TLS 1.0 on an Azure App Service
0 kommentar(er)
