How to disable Weak Ciphers from Azure mobile service?

Question

Is there any way to disable weak ciphers from Azure Mobile Service? The service is running in Standard tier. Publish server port is 443.

I tried to run following code

string[] subKeys = new string[]
{
    "RC4 40/128",
    "RC4 56/128",
    "RC4 64/128",
    "RC4 128/128",
};

RegistryKey parentKey = Registry.LocalMachine.OpenSubKey(@"SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers", true);

foreach (string keyName in subKeys)
{
    var newKey = parentKey.CreateSubKey(keyName);
    newKey.SetValue("Enabled", 0);
    newKey.Close();
}
parentKey.Close();

refered from How to disable RC4 cipher on Azure Web Roles

But getting Requested registry access is not allowed exception

It is mentioned in same link to add executionContext="elevated" in the startup I'm not sure where to add this line or how to apply web role to mobile service..

score 0 · Answer 1 · edited Mar 20 '17 at 10:04

0

This is not something you can control within Azure Mobile Services. Check out this question on testing which ciphers are allowed: https://superuser.com/questions/109213/how-do-i-list-the-ssl-tls-cipher-suites-a-particular-website-offers

edited Mar 20 '17 at 10:04

Community

1
1

answered Jan 14 '16 at 21:54

Adrian Hall

7,990
1
18
26

How to disable Weak Ciphers from Azure mobile service?

1 Answers1