Reputation: 141
Asp.Net Core 2.2 TLS 1.2 support on Azure app service
We're running our applications (web api's) on .net core 2.2 in-process mode on Azure app service. We have 3rd party dependencies that require TLS 1.2 only (outbound http calls). Would calls from our service support tls 1.2 out of the box or do we have to enable anything like ServicePointManager or anything similar for HttpClient or the HttpClientFactory?
Any help appreciated.
Upvotes: 1
Views: 891
Answers (2)
Reputation: 141
We did testing on Azure and it seems you don't have to configure anything at all as the latest version available on the host machine will be picked up. We hosted another API for which we enabled TLS 1.2 only and made a call from our API to the other one. Worth noting that the setting on app service for TLS version is only for INBOUND connections, not OUTBOUND. .Net Core 2.2, in-process mode, hosted on Azure web app.
Upvotes: 1
Reputation: 299
You would have to use framework-specific settings to force outbound calls to use TLS 1.2. Based on .NET Core docs, would need to explicitly create and configure an instance of https://learn.microsoft.com/en-us/dotnet/api/system.net.http.socketshttphandler?view=netcore-2.2, configuring the SslOptions property on the object to only allow TLS 1.2, then instantiate an instance of https://learn.microsoft.com/en-us/dotnet/api/system.net.http.httpclient?view=netcore-2.2 passing in the SocketsHttpHandler instance that has been configured to require TLS 1.2.
Upvotes: 0
Related Questions
- Is TLS 1.3 available on Azure App Services?
- How to implement TLS 1.2 in ASP.Net Core 2.0
- How to enable TLS 1.2 in Asp.Net Core 3.1
- Azure App Service to App Service communication on TLS1.2 failing
- Connection issue with TLS 1.1 and 1.2 - Azure web app
- How to use TLS 1.2 in ASP.NET Core 2.0
- Disable <TLS 1.2 in Azure Portal
- site is exposed to TLSv1.0 and TLSv1.1 enabled
- Disable TLSv1.0 in Azure App Service Web App
- How can confirm my Azure Web App is using TLS v1.2?