Ensure that your Azure Front Door custom domains are using the latest supported version of the TLS protocol (i.e. TLS 1.2) in order to enhance security by providing stronger encryption, protecting data integrity, reducing vulnerabilities to cyber attacks, and maintaining compatibility with modern browsers.
The Transport Layer Security (TLS) protocol addresses network security problems such as tampering and eavesdropping between a client and a server. Using weak and deprecated TLS protocols can increase opportunities for malicious activities such as hacking, Man-in-the-Middle (MITM), and downgrade attacks. Therefore, it is strongly recommended to use the latest TLS version supported by Azure Front Door (TLS 1.2).
Audit
To determine the TLS version configured for your Azure Front Door custom domains, perform the following operations:
Remediation / Resolution
To ensure that your Azure Front Door custom domains are using the latest supported version of the TLS protocol, perform the following operations:
References
- Azure Official Documentation
- Domains in Azure Front Door
- End-to-end TLS with Azure Front Door
- Configure a custom domain on Azure Front Door by using the Azure portal
- Configure HTTPS on an Azure Front Door custom domain by using the Azure portal
- Azure PowerShell Documentation
- az afd profile list
- az afd custom-domain list
- az afd custom-domain show
- az afd custom-domain update
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Minimum TLS Version
Risk Level: Medium