0

I have an app service on azure which only supports TLS 1.2.

Is there any way that I can redirect all the incoming traffic with TLS 1.0 to another app service which supports TLS 1.0?

I don't want to force support old TLS on my application but only redirect the traffic to another app-service which supports from TLS 1.0

learningtocode
  • 5
  • 1
  • You'd need a third app that supports both and acts as a proxy for the other two. This all sounds like a security hole TBH. Everyone should be able to use TLS 1.2 in 2021 – Liam Jul 26 '21 at 14:31

1 Answers1

1

afaik you can't control what the default behavior is when App Services detects an unauthorized version of TLS being used for your application.

What you can do, however, is enable all versions of TLS in your app and have code that looks at the provided X-Forwarded-TlsVersion HTTP header and performs whatever actions you require.

In your case you could have some code that runs on every request, checks this header, and if it's 1.0 trigger a redirect to the target service.

ardoRic
  • 71
  • 1
  • Worth nothing that this isn't re-routing traffic. A redirect would force another new HTTP request to the second service – Liam Jul 26 '21 at 14:30