@Chang Yan
Thank you for your post and I apologize for the delayed response!
Error Message:
Upcoming TLS 1.0, 1.1 deprecation: Please enable support for TLS 1.2 on clients (applications/platforms) to avoid any service impact. Learn more here.
I understand that you're trying to leverage the Azure Key Vault but after creating the resource, you're running into the error message above. To hopefully help point you in the right direction or resolve your issue, I'll share my findings below.
Findings:
As shared by Andriy when it comes to the TLS 1.0 and 1.1 deprecation, you should be able to follow the How to enable TLS 1.2 on clients documentation in order to mitigate/avoid any service impacts to your Web Server.
Additional Link:
I also noticed within your follow-up comment that you ran into the below Key Vault error message when trying to create a Secret. To resolve this, I'll share the steps on how to troubleshoot this below.
Error Message:
The operation is not allowed by RBAC. If role assignments were recently changed, please wait several minutes for role assignments to become effective.
From your error message, this indicates that your user doesn't have the necessary permissions to create a Secret in the Key Vault. Because you're using the Key Vault RBAC permission model, you'll need to assign your user one of the Azure RBAC built-in roles for Key Vault data plane operations. For example:
Assign a Resource group scope role assignment:
- Go to the Resource Group that contains your key vault.
- Select Access control (IAM).
- Select Add > Add role assignment to open the Add role assignment page.
- Assign the appropriate role.

Additional Links:
I hope this helps!
If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.
If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.