Use secure protocols

Security · API Management · Azure.APIM.Protocols

API Management should only accept a minimum of TLS 1.2.

Description

API Management provides support for older TLS/ SSL protocols and ciphers, which are disabled by default. These older versions are provided for compatibility but not consider secure.

Recommendation

Consider disabling SSL 3.0/ TLS 1.0/ TLS 1.1/ Triple DES protocols and ciphers.

Links

• Data encryption in Azure
• Manage protocols and ciphers in Azure API Management

---

Last update: 2021-09-24