How to fix TLS error in Azure Function App

Time:09-06

I have a function app written in PowerShell that worked up until a month or so ago.

The function uses a module (https://www.powershellgallery.com/packages/NTware.Ufo.PowerShell.ObjectManagement/2022.2.0.1) that is only compatible with "Windows PowerShell".

The module is loaded as follows:

Import-Module $PSScriptRoot\Modules\NTware.Ufo.PowerShell.ObjectManagement.dll -UseWindowsPowerShell

The module allows connection to an external Azure environment that hosts an application.

The error returned is:

2022-09-02T13:38:31Z [Warning] WARNING: Module NTware.Ufo.PowerShell.ObjectManagement is loaded in Windows PowerShell using WinPSCompatSession remoting session; please note that all input and output of commands from this module will be deserialized objects. If you want to load this module into PowerShell Core please use 'Import-Module -SkipEditionCheck' syntax.
2022-09-02T13:38:34Z [Error] ERROR: Failed to authenticate.
OriginInfo : localhost
Exception :
Type : System.Management.Automation.RemoteException
SerializedRemoteException : System.ArgumentException: Failed to authenticate. ---> Microsoft.Identity.Client.MsalServiceException: AADSTS1002016: You are using TLS version 1.0, 1.1 and/or 3DES cipher which are deprecated to improve the security posture of Azure AD

I have tried the following without success:

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Import-Module $PSScriptRoot\Modules\NTware.Ufo.PowerShell.ObjectManagement.dll -UseWindowsPowerShell

I suspect the issue is that the remote Azure environment has started enforcing TLS 1.2. I have set my Azure Function App to also use TLS 1.2.

Any ideas on where the issue might be?

CodePudding user response:

Modules imported with the -UseWindowsPowerShell switch are in fact loaded into a separate Windows PowerShell session in a separate process (see about Windows PowerShell Compatibility). Changing the [Net.ServicePointManager]::SecurityProtocol variable in the local process does not affect other processes. You need to update this variable in the remote process. Here is how:

$session = Get-PSSession -Name WinPSCompatSession

Invoke-Command -Session $session -Command {
    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
}
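
The ordering described in the answer above, as an added example that is not part of the original answer: the compatibility session only exists after the import, so the setting is applied after Import-Module and before the module's authentication call, and the value is read back from both processes to confirm they are independent. The helper name Enable-CompatSessionTls12 and the shape of the returned object are assumptions made for illustration.

```powershell
# Added example. Enable-CompatSessionTls12 is a hypothetical helper name.
function Enable-CompatSessionTls12 {
    [CmdletBinding()]
    param(
        # Session name as it appears in the warning quoted in the question.
        [string]$SessionName = 'WinPSCompatSession'
    )

    # The session is created by Import-Module -UseWindowsPowerShell, so it is
    # missing if this runs before the import.
    $session = Get-PSSession -Name $SessionName -ErrorAction SilentlyContinue |
        Select-Object -First 1
    if (-not $session) {
        throw "Session '$SessionName' not found. Import the module with -UseWindowsPowerShell first."
    }

    # Value in the Functions host process (PowerShell 7), for comparison only.
    $hostValue = [Net.ServicePointManager]::SecurityProtocol.ToString()

    # This script block runs inside the separate Windows PowerShell process.
    $remote = Invoke-Command -Session $session -ScriptBlock {
        $before = [Net.ServicePointManager]::SecurityProtocol.ToString()
        [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
        [pscustomobject]@{
            PSVersion = $PSVersionTable.PSVersion.ToString()
            Before    = $before
            After     = [Net.ServicePointManager]::SecurityProtocol.ToString()
        }
    }

    [pscustomobject]@{
        HostProcess     = $hostValue
        CompatPSVersion = $remote.PSVersion
        CompatBefore    = $remote.Before
        CompatAfter     = $remote.After
    }
}

# 1. Import first: this is what creates WinPSCompatSession.
Import-Module $PSScriptRoot\Modules\NTware.Ufo.PowerShell.ObjectManagement.dll -UseWindowsPowerShell

# 2. Set TLS 1.2 inside the compatibility session and confirm it took effect.
$tls = Enable-CompatSessionTls12
if ($tls.CompatAfter -ne 'Tls12') { throw "Compat session still reports '$($tls.CompatAfter)'." }
Write-Information ($tls | Out-String) -InformationAction Continue

# 3. Only now call the module's commands that authenticate against Azure AD.
```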