Application is hosted on Azure PAAS. The following changes are already present
What else changes do I need to do to ensure incoming and outgoing requests of my application adhere to TLS 1 2.
Starting June 30 2018, all new apps in Azure App Service will be created with TLS 1.2 by default .
In the root of the website, find the global.asax
file, right click on it and view code. In this file, there should be an Application_Start
method.
In this method, add these lines to force TLS 1.2
protected void Application_Start()
{
//**Add these lines**
if (ServicePointManager.SecurityProtocol.HasFlag(SecurityProtocolType.Tls12) == false)
{
ServicePointManager.SecurityProtocol = ServicePointManager.SecurityProtocol | SecurityProtocolType.Tls12;
}
//**Add these lines**
AreaRegistration.RegisterAllAreas();
GlobalConfiguration.Configure(WebApiConfig.Register);
FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
RouteConfig.RegisterRoutes(RouteTable.Routes);
BundleConfig.RegisterBundles(BundleTable.Bundles);
}
Also, you could enforce TLS version on Azure WebApps with Resource Manager Policies .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.