Ensure that all Microsoft Azure App Service web applications are using the latest version of TLS encryption protocol to secure the applications traffic over the Internet and comply with the industry standards.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
The Transport Layer Security (TLS) protocol secures transmission of data between servers and web browsers, over the Internet, using standard encryption technology. To follow security best practices and the latest PCI compliance standards, Cloud Conformity strongly recommends enabling the latest version of TLS protocol (i.e. TLS 1.2) for all your Microsoft Azure App Service web applications. PCI DSS information security standard requires that all websites accepting credit card payments uses TLS 1.2 after June 30, 2018.
Audit
To determine if your Azure App Service web applications are using the latest version of TLS protocol, perform the following actions:
Remediation / Resolution
To update TLS/SSL configuration settings for your Microsoft Azure App Service web applications in order to enable the latest version of TLS protocol (TLS 1.2), perform the following actions:
References
- Azure Official Documentation
- App Service
- Enforce TLS versions
- CIS Microsoft Azure Foundations
- Azure PowerShell Documentation
- az webapp
- az webapp list
- az webapp config
- az webapp config show
- az webapp config set