in ASE disable TLS 1.1
Allow for the disablement of TLS 1.1 protocols from ASE in a similar method as TLS 1.0. This would help secure systems further for ISVs building new API Apps and help with additional security concerns and compliance for PCI and others.
Allowing for the same method but adding an additional JSON in cluster settings to actually trigger the TLS 1.1 disablement would be good.
Thanks for the request! We will leave this on our backlog for now. We’ll be able to support this as we add more security levels to ASE.
Tim Posey commented
FYI: You can disable this through PowerShell:
Select-AzureRmsubscription -SubscriptionName "my subscription name"
$gw = Get-AzureRmApplicationGateway -Name my-gateway -ResourceGroupName my-resource-group
Set-AzureRmApplicationGatewaySslPolicy -DisabledSslProtocols TLSv1_0, TLSv1_1 -ApplicationGateway $gw
$gw | Set-AzureRmApplicationGateway
Get-AzureRmApplicationGatewaySslPolicy -ApplicationGateway $gw