How to resolve Sprinto check for Azure Web Apps to use the latest TLS encryption version
About:
Sprinto check: Ensure Web App is using the latest version of TLS encryption
The above-mentioned Sprinto check verifies that your Azure App Service web applications are configured to use the latest version of the Transport Layer Security (TLS) encryption protocol. TLS is a cryptographic protocol used to secure communication over a network, and keeping it up-to-date is essential for maintaining strong encryption and protecting against known vulnerabilities.
Purpose:
The purpose of this check is to ensure that your web applications hosted on Azure App Service are using the most secure and widely accepted version of the TLS protocol for encrypted communication. Older versions of TLS may have known vulnerabilities and security weaknesses, making them susceptible to attacks and data breaches. By enforcing the use of the latest TLS version, you can ensure that your web applications and users are protected with the strongest encryption standards available.
How to fix this check:
Follow the below steps to resolve this check:
Before you begin
Ensure you have the administrator privilege to manage Azure App Service configurations.
Updating TLS Version
Log in to Azure portal using your credentials.
Navigate to the App Services service.
Select the Web App from the list to configure.
Click on Configuration under Settings from the left-side navigation bar.
Under the TLS/SSL version, select the latest available version of TLS. For example, TLS 1.2 or TLS 1.3 based on the available option.
Click Save to apply the changes.
Repeat the above steps for all the Azure Web Apps.
Sprinto will detect the configuration change and set the check status to "Passing.”
Contact Sprinto support if you have any queries related to the check or need assistance.