You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/app-service/overview-tls.md
+5-1Lines changed: 5 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -43,7 +43,7 @@ Azure App Service supports the following TLS versions for incoming requests to y
43
43
44
44
You can configure the **minimum TLS version** for incoming requests to your web app and its SCM site. By default, the minimum is set to **TLS 1.2**.
45
45
46
-
You can use Azure Policy to help audit your resources when it comes to minimum TLS version. You can refer to [App Service apps should use the latest TLS version policy definition](https://ms.portal.azure.com/#view/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Ff0e6e85b-9b9f-4a4b-b67b-f730d42f1b0b) and change the values to your desired minimum TLS version. For similar policy definitions for other App Service resources, refer to [List of built-in policy definitions - Azure Policy for App Service](../governance/policy/samples/built-in-policies.md#app-service).
46
+
You can use Azure Policy to help audit your resources when it comes to minimum TLS version. You can refer to [App Service apps should use the latest TLS version policy definition](https://ms.portal.azure.com/#view/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Ff0e6e85b-9b9f-4a4b-b67b-f730d42f1b0b) and change the values to your desired minimum TLS version. For similar policy definitions for other App Service resources, refer to [List of built-in policy definitions - Azure Policy for App Service](../governance/policy/samples/built-in-policies.md#app-service).
47
47
48
48
### TLS 1.3
49
49
@@ -56,6 +56,7 @@ TLS 1.3 is fully supported on App Service and introduces several improvements ov
56
56
To require TLS 1.3 for all inbound requests, set your **Minimum Inbound TLS Version** to **TLS 1.3** in the Azure portal, CLI, or ARM templates.
57
57
58
58
TLS 1.3 supports the following cipher suites, which are fixed and cannot be customized:
59
+
59
60
-`TLS_AES_256_GCM_SHA384`
60
61
-`TLS_AES_128_GCM_SHA256`
61
62
@@ -99,10 +100,12 @@ Once you update your cluster setting, **you must restart your front-end** for th
99
100
End-to-end (E2E) TLS encryption ensures that **front-end to worker communication** within Azure App Service is encrypted using TLS. Without this feature, while incoming HTTPS requests are encrypted to the front ends, the traffic from front ends to workers running the application workloads would travel unencrypted inside Azure’s infrastructure.
100
101
101
102
E2E TLS helps ensure **full encryption of traffic** between:
103
+
102
104
- Clients and App Service front ends.
103
105
- App Service front ends and worker processes hosting the application.
104
106
105
107
This feature is available on:
108
+
106
109
-**Premium App Service plans** (recommended for new deployments).
107
110
-**Legacy Standard App Service plans** (existing users).
0 commit comments