Use secure protocols

Security · API Management · 2020_06

API Management should only accept a minimum of TLS 1.2.

Description

API Management provides support for older TLS/ SSL protocols, which are disabled by default. These older versions are provided for compatibility but are not consider secure.

Recommendation

Consider disabling SSL 3.0/ TLS 1.0/ TLS 1.1/ protocols.

Links

• Data encryption in Azure
• Manage protocols and ciphers in Azure API Management

---

Last update: 2022-01-18