azurepowershellazure-active-directoryazure-functionsazure-ad-powershell-v2

TLS version issue is being raised while connecting to AzureAD using the Azure Functions


I have deployed an Azure function app, While using the command Connect-AzureAD in one of the function is throwing the error "You are using TLS version 1.0, 1.1 and/or 3DES cipher which are deprecated to improve the security posture of Azure AD"

Though the function App

Function App details

Function runtime: Powershell

runtime version: 3.8.2.0

Any help regarding this issue would be helpful


Solution

  • From the Kudu console, you could check the existing SecurityProtocol:

    PS C:\home> [Net.ServicePointManager]::SecurityProtocol
    [Net.ServicePointManager]::SecurityProtocol
    Ssl3, Tls
    

    From the documentation :

    ServicePointManager, using .NET Framework 4.7 and later versions, will use the default security protocol configured in the OS. To get the default OS choice, if possible, don't set a value for the ServicePointManager.SecurityProtocol property, which defaults to SecurityProtocolType.SystemDefault.

    Because the SecurityProtocolType.SystemDefault setting causes the ServicePointManager to use the default security protocol configured by the operating system, your application may run differently based on the OS it's run on. For example, Windows 7 SP1 uses TLS 1.0 while Windows 8 and Windows 10 use TLS 1.2.

    According to the documentation, you could try setting the security protocol to system default by adding this command at the beginning of your script:

    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::SystemDefault
    

    Alternatively, it not working you could force using specific version:

    [Net.SecurityProtocolType]::Tls12
    [Net.SecurityProtocolType]::Tls13