How to see TLS version with incoming API request in Azure portal?
In the Microsoft Azure portal, is there a way to see request URLs along with the TLS version negotiated?
Background
I have a web app that includes an API that used by several third parties. I would like to set the minimum TLS version to TLS 1.2 in my web app settings.
Before I update the minimum TLS version, I want to see what requests are being made using old TLS versions.
I know with my storage account I also have, I can include logs in the log analytics to detect TLS versions, so I was hoping there was something similar I could use for my web app.
So far, all I can find for my web app is the Minimum TLS Version Checker under Diagnose & Solve Problems. This isn't very helpful since it only gives me the number of requests with no further detail. Surely the detail has to be available somewhere? I am not an expert in the Azure portal, so I am hoping there is an easy way to find the request URL + TLS version.
We can check TLS version with the incoming requests either in Application Insights or by using Diagnostic Setting.
Using Application Insights:
- I have configured Application Insights in my API Web App and deployed the app to Azure App service.
- Enable Application Insights for the deployed App service.
- We can send custom logs to Application Insights by retrieving the TLS version and URL of the app.
- Logs can be seen in transaction search.
I know with my storage account I also have, I can include logs in the log analytics to detect TLS versions
Another option is from Diagnostic Setting.
- Using Diagnostic Setting we can send the logs to Storage Account or Log Analytics Workspace for the Azure App Service.
- As you have already mentioned that you know how to check logs in
Log Analytics Workspace, same way you can send the WebApp logs to the selected workspace.
Update:
The TLS Version which is set in the Configuration section can be seen in
KUDU Console => Environment => HTTP headers and Server variables
- Use the below code to retrieve the value in the controller.
string ?tlsVersion= HttpContext.Request.Headers["X-Forwarded-TlsVersion"];
_logger.LogInformation($"TLS : {tlsVersion}" );
- Cannot add data to a ComplexField using Python SDK for Azure AI Search
- letsencrypt cert request failing for AKS ingress
- Playwright Test execution on Azure Windows machine fails in pipeline with error as No test found, It works perfectly with same command
- How to Combining PowerShell Output from multiple server to Single csv
- How can I find all Azure app registrations with API permissions to a specific app registration?
- Azure Deployment Groups vs Agent Pools
- I cannot extract .sql CREATE TABLEs for each table in my Azure SQL Database in my Azure Repo
- Can not read blobs through BlobContainerClient for blobs with empty folder prefixes
- Are task logs deleted when the node is deleted due to autoscaling in Azure Batch service?
- Azure Function Blob Storage Monitor
- I want to fetch Azure SQL table data from ADF to use as input in copy activity
- How to access code of my Azure website?
- Run JMeter script in AzureDevOps - Bearer Access Token generation
- Azure Function - HTTP trigger request length exceeded
- How and where to define an environment variable on Azure
- Stream Analytics doesn't output the data to SQL but does to a blob storage
- While Hierarchical namespace enabled cannot upload blob with metadata hdi_isfolder
- Cannot log in to Visual Studio Account in VS 2022
- SchemaColumnConvertNotSupportedException: column: [Col_Name], physicalType: INT64, logicalType: string
- create Azure Keyvault secret without exposing values
- Can you create 'User Flows' in Azure with a pay-as-you-go account
- Deploy ARM template at management group scope with Azure DevOps Pipeline
- How to make an azure function that deploys my bicep script from Azure Storage Account
- Basic SQL commands in Terraform
- Can we Deploy Web Application in Azure OpenAI of Production Level
- Get-MgGroupMember by display name instead of userID
- Azure DevOps REST API parent relation link to existing work item error
- What should be put to 'repoOwners' in Managed Identity Federated Credentials policy?
- How to get list of users from CSV file whose LastSignInDate column has a date that is before 90 days from current date or is empty?
- Langchain cannot connect with Azure SQL Database