How can we improve Azure Web Apps?

in ASE disable TLS 1.1

Allow for the disablement of TLS 1.1 protocols from ASE in a similar method as TLS 1.0. This would help secure systems further for ISVs building new API Apps and help with additional security concerns and compliance for PCI and others.

Allowing for the same method but adding an additional JSON in cluster settings to actually trigger the TLS 1.1 disablement would be good.

"clusterSettings": [
{
"name": "DisableTls1.0",
"value": "1"
},
{
"name": "DisableTls1.1",
"value": "1"
}
],

https://docs.microsoft.com/en-us/azure/app-service-web/app-service-app-service-environment-custom-settings#disable-tls-10

7 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Nathan SwiftNathan Swift shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    1 comment

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • Tim PoseyTim Posey commented  ·   ·  Flag as inappropriate

        FYI: You can disable this through PowerShell:

        Login-AzureRmAccount

        Select-AzureRmsubscription -SubscriptionName "my subscription name"

        $gw = Get-AzureRmApplicationGateway -Name my-gateway -ResourceGroupName my-resource-group

        Set-AzureRmApplicationGatewaySslPolicy -DisabledSslProtocols TLSv1_0, TLSv1_1 -ApplicationGateway $gw

        $gw | Set-AzureRmApplicationGateway

        Get-AzureRmApplicationGatewaySslPolicy -ApplicationGateway $gw

      Feedback and Knowledge Base