March 26, 2020
<h1 id="heading-minimum-tls-version-with-azure-app-services">Minimum TLS version with Azure App Services</h1>
Older .NET Framework versions defaulted to use a TLS version of 1.0 or 1.1. Today, TLS 1.2 is the newest. As of <a target="_blank" href="https://azure.microsoft.com/en-us/updates/new-app-service-apps-deployed-with-tls-1-2-as-default-from-june-30/">2018</a>, Azure App Services default to TLS 1.2. This means that you might run into issues with older .NET applications failed to issue web requests against apps/apis hosted on these app services.
<blockquote>
“The underlying connection was closed: An unexpected error occurred on a send.
</blockquote>
This problem especially presents itself for .NET framework applications versions <a target="_blank" href="https://stackoverflow.com/questions/34808830/tls-1-2-error-with-c-sharp-net-the-underlying-connection-was-closed-an-unexp">4.6.1 and lower</a>. These older applications don’t default to TLS 1.2 when issuing web requests.
There are two ways to fix it. One is to force the .NET client code to default to <a target="_blank" href="https://stackoverflow.com/a/36454717">TLS 1.2</a> (as long as the framework version supports it).
Another way is to choose the minimum TLS version on an Azure App Service . As mentioned earlier, Azure App Services default to Tls 1.2 in 2018.
You can do this from the TLS/SSL settings blade in an Azure App Service.

March 26, 2020

Minimum TLS version with Azure App Services
===========================================

Older .NET Framework versions defaulted to use a TLS version of 1.0 or 1.1. Today, TLS 1.2 is the newest. As of [2018](https://azure.microsoft.com/en-us/updates/new-app-service-apps-deployed-with-tls-1-2-as-default-from-june-30/), Azure App Services default to TLS 1.2. This means that you might run into issues with older .NET applications failed to issue web requests against apps/apis hosted on these app services.

> “The underlying connection was closed: An unexpected error occurred on a send.

This problem especially presents itself for .NET framework applications versions [4.6.1 and lower](https://stackoverflow.com/questions/34808830/tls-1-2-error-with-c-sharp-net-the-underlying-connection-was-closed-an-unexp). These older applications don’t default to TLS 1.2 when issuing web requests.

There are two ways to fix it. One is to force the .NET client code to default to [TLS 1.2](https://stackoverflow.com/a/36454717) (as long as the framework version supports it).

Another way is to choose the minimum TLS version on an Azure App Service . As mentioned earlier, Azure App Services default to Tls 1.2 in 2018.

You can do this from the TLS/SSL settings blade in an Azure App Service.

Minimum TLS version with Azure App Services

I am a solutions architect focusing on Kubernetes on Azure. I'm also a productivity nut. Follow me to learn more about Kubernetes or how be productive.


Facundo's Blog on Kubernetes, DevOps, Azure, productivity, and career.