Please disable weak ciphers suites in *.documents.azure.com for TLS 1.2
Please disable weak ciphers suites in *.documents.azure.com for TLS 1.2. I know we can disable the lower TLS versions but with TLS 1.2 weak ciphers are still enabled and when the client is not in our control (browser client accessing Cosmos DB using the read-only key) its a security risk.
Customers will need to manage their own migration to TLS 1.2. We will be enforcing TLS 1.2 for customers that are only connecting to the service using it. We will not however force customers to connect only via TLS 1.2.
You can read more about our support for TLS 1.2 and how to migrate yourself here.