You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/app-service/overview-tls.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -14,17 +14,17 @@ ms.custom: UpdateFrequency3
14
14
15
15
Transport Layer Security (TLS) is a widely adopted security protocol designed to secure connections and communications between servers and clients. App Service allows customers to use TLS/SSL certificates to secure incoming requests to their web apps. App Service currently supports different set of TLS features for customers to secure their web apps.
16
16
17
-
## What TLS options are available in App Service?
17
+
## Supported TLS Version on App Service?
18
18
19
-
For incoming requests to your web app, App Service supports TLS versions 1.0, 1.1, and 1.2. [In the next few months, App Service will begin supporting TLS version 1.3](https://techcommunity.microsoft.com/t5/apps-on-azure-blog/upcoming-tls-1-3-on-azure-app-service-for-web-apps-functions-and/ba-p/3974138).
19
+
For incoming requests to your web app, App Service supports TLS versions 1.0, 1.1, 1.2, and 1.3.
20
20
21
21
### Minimum TLS Version and SCM Minimum TLS Version
22
22
23
23
App Service also allows you to set minimum TLS version for incoming requests to your web app and to SCM site. By default, the minimum TLS version for incoming requests to your web app and to SCM would be set to 1.2 on both portal and API.
24
24
25
-
## TLS 1.0 and 1.1
25
+
###TLS 1.0 and 1.1
26
26
27
-
TLS 1.0 and 1.1 are considered legacy protocols and are no longer considered secure. It's generally recommended for customers to use TLS 1.2 as the minimum TLS version, which is also the default.
27
+
TLS 1.0 and 1.1 are considered legacy protocols and are no longer considered secure. It's generally recommended for customers to use TLS 1.2 or above as the minimum TLS version. When creating a web app, the default minimum TLS version would be TLS 1.2.
28
28
29
29
To ensure backward compatibility for TLS 1.0 and TLS 1.1, App Service will continue to support TLS 1.0 and 1.1 for incoming requests to your web app. However, since the default minimum TLS version is set to TLS 1.2, you need to update the minimum TLS version configurations on your web app to either TLS 1.0 or 1.1 so the requests won't be rejected.
30
30
@@ -33,4 +33,4 @@ To ensure backward compatibility for TLS 1.0 and TLS 1.1, App Service will conti
33
33
>
34
34
35
35
## Next steps
36
-
*[Secure a custom DNS name with a TLS/SSL binding](configure-ssl-bindings.md)
36
+
*[Secure a custom DNS name with a TLS/SSL binding](configure-ssl-bindings.md)
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments