Last post Oct 07, 2015 10:44 PM by Jamobor yao - MSFT
Oct 01, 2015 04:59 PM|rmw82|LINK
I have a WebForms based website hosted on Azure (WebApps / Website) and it is failing PCI validation because TLS 1.0 isn't disabled. Because of the nature of Azure, I can't disable this via the server. Is there a way to disable it via code?
I was trying to disable it in my Global.asax file, but it doesn't seem to work.
void Application_Start(object sender, EventArgs e)
// Code that runs on application startup
//Try to disable tls1.0 and only allow tls1.1 and 1.2
System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls11 | System.Net.SecurityProtocolType.Tls12;
Any help would be appreciated.
Oct 02, 2015 02:26 AM|Lorris|LINK
I need to disable TLS 1.0 via code. Is it possible?
From my point of view, I think it is impossible. With reference to
this article, I found this:
To disable the TLS 1.0 protocol, create an
Enabled entry in the appropriate subkey. This entry does not exist in the registry by default. After you have created the entry, change the DWORD value to 0. To enable the protocol, change the DWORD value to 0xffffffff.
Here are some relevant articles, you could refer to it:
hope it can help you.
Oct 06, 2015 02:52 PM|rmw82|LINK
I appreciate your answer. However, I don't have access to the registry because this site is hosted on Azure WebApps (Website).
I was hoping for a way I could disable it via code.
Oct 07, 2015 10:44 PM|Jamobor yao - MSFT|LINK
As I know, we can't disable TLS 1.0 in azure web app at currently, please submit a feedback in azure feedback forum:
http://feedback.azure.com/forums/34192--general-feedback, if disable TLS 1.0 is your requirement, please try to use azure cloud service web role to host your application.