We recently announced that all App Service and Functions apps could update TLS configuration. However, after deployment, an edge case scenario was identified involving SNI-SSL which led to SSL analyzing tools such as SSL Labs, showing that TLS 1.0 was still accepted, while higher versions were selected.
We have now completed the deployment which solves the issue for SSI-SSL and will also translate to the reporting tool indicating correctly that lower versions of TLS, mainly TLS 1.0, are indeed blocked.
To update your TLS configuration, follow one of the methods below:
- In the Azure Portal, in the app’s menu, browse to SSL Settings option and select which version of SSL you require.
- Through CLI, details for the commands are in our documentation.
az webapp config set --name [--min-tls-version]
For any questions, please reach out over the App Service MSDN forum.