Azure – Ensure your server running your Azure Application Proxy has TLS 1.2 enabled

Leave a Comment / Microsoft Azure / By / / App Proxy, Application Proxy, Azure, Azure App Proxy, Azure Application Proxy, TLS, TLS 1.2

If you use Azure Application Proxy to publish internal web applications, you need to ensure the server(s) running the Azure App Proxy connector has/have TLS 1.2 enabled.

By January 31st, 2019, if this/these server(s) do not have TLS 1.2 enabled you may experience service disruption as the older TLS version (1.0 and 1.1) will be disabled on Azure App Proxy.

To ensure you have TLS 1.2 enabled, just check the registry on each of the Azure Application Proxy connector server

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client
    • “DisabledByDefault”=dword:00000000
    • “Enabled”=dword:00000001
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server
    • “DisabledByDefault”=dword:00000000
    • “Enabled”=dword:00000001
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319
    • “SchUseStrongCrypto”=dword:00000001

If any of the values are incorrect or missing, just add them and restart the server.

Related Posts

Leave a Comment

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.