Forum Discussion
Azure Web Application Gateway (WAF) Cipher Suites
Hello ,
I've installed SSL certiifcate on Azure WAF. After a quick test on ssllabs, we've got a grade of B.
Main cause : Server supports weak Diffie-Hellman(DH) key exchange parameters.
After scrolling through the report, in the cipher suites section (TLS1.2), there are certain weak suites that have been pointed out as per below screenshot.Is this an issue with my SSL certificate or with the ciphers being used on the WAF?
What can be done to solve the issue?
3 Replies
Application Gateway supports disabling the following protocol version; TLSv1.0, TLSv1.1, and TLSv1.2.
see step 11 here
Is it best practice to disable TLS ?
there is know security risks to leave it open, so unless you have legacy devices, then yes
