![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 2%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMW%3C/text%3E%3C/svg%3E)
Azure App Configuration
An Azure service that provides hosted, universal storage for Azure app configurations.
206 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 32%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
SSL consists of 2 pieces - the protocol being used and the ciphers involved. When a site attempts to connect it sends along the TLS version and the supported ciphers. The server looks at the supported ciphers and sends back all the ciphers it supports. If there are none then the SSL connection fails. So if you are using ciphers that are not supported prior to TLS 1.2 then no client using a lesser version will have any ciphers the server allows. Therefore there is no benefit in supporting the earlier protocols.
Most sites only support TLS 1.2 anyway as the earlier protocols are not supported. Therefore I would say support only TLS 1.2 and remove any deprecated ciphers. However there are more than a couple ciphers that are still secure. You should enable all the secure ones. The less ciphers you support the more likely you are to have clients that don't support one of your ciphers and therefore fail to connect.
