I have deployed an Azure function app, While using the command Connect-AzureAD in one of the function is throwing the error "You are using TLS version 1.0, 1.1 and/or 3DES cipher which are deprecated to improve the security posture of Azure AD"

Though the function App

• has minimum tls version of 1.2
• the .NET framework is 4.8.x
• the other services like storage account etc. associated with the function app were using minimum TLS version of 1.2.

Function App details

Function runtime: Powershell

runtime version: 3.8.2.0

Any help regarding this issue would be helpful

CodePudding user response：

You need to force using TLS1.2 by adding this command at the beginning of your script:

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

Found a related post: Invoke-WebRequest SSL fails?.

From the documentation :

ServicePointManager, using .NET Framework 4.7 and later versions, will use the default security protocol configured in the OS. To get the default OS choice, if possible, don't set a value for the ServicePointManager.SecurityProtocol property, which defaults to SecurityProtocolType.SystemDefault.

Because the SecurityProtocolType.SystemDefault setting causes the ServicePointManager to use the default security protocol configured by the operating system, your application may run differently based on the OS it's run on. For example, Windows 7 SP1 uses TLS 1.0 while Windows 8 and Windows 10 use TLS 1.2.

I imagine azure function are containerized and the default is not set or something like that.