Requirements to enforce TLS 1.2
Question
Application is hosted on Azure PAAS. The following changes are already present
- Azure app services TLS is set to 1.2, HTTPSOnly is set to off
- Service web config httpRuntime targetFramework is set to 4.7.1
What else changes do I need to do to ensure incoming and outgoing requests of my application adhere to TLS 1 2.
1 answers
solution1
0 2020-02-27 13:30:37
Starting June 30 2018, all new apps in Azure App Service will be created with TLS 1.2 by default .
In the root of the website, find the global.asax file, right click on it and view code. In this file, there should be an Application_Start method.
In this method, add these lines to force TLS 1.2
protected void Application_Start()
{
//**Add these lines**
if (ServicePointManager.SecurityProtocol.HasFlag(SecurityProtocolType.Tls12) == false)
{
ServicePointManager.SecurityProtocol = ServicePointManager.SecurityProtocol | SecurityProtocolType.Tls12;
}
//**Add these lines**
AreaRegistration.RegisterAllAreas();
GlobalConfiguration.Configure(WebApiConfig.Register);
FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
RouteConfig.RegisterRoutes(RouteTable.Routes);
BundleConfig.RegisterBundles(BundleTable.Bundles);
}
Also, you could enforce TLS version on Azure WebApps with Resource Manager Policies .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.