Azure Functions
An Azure service that provides an event-driven serverless compute platform.
5,929 questions
A community member has associated this post with a similar question:
Can not access API via device
Only moderators can edit this content.
Potential TLS Security Concern on Azure Function App
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 95%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED%3C/text%3E%3C/svg%3E)
DJ
50
Reputation points
Hi,
I have another case related to my IoT device losing connection to my Function Apps after the maintenance on 31st March. While attempting to resolve the issue, I noticed what I believe may be a potential security breach on Azure, which I think is a serious concern.
Is it considered a security issue if you can still connect to an Azure Function App (configured with a minimum TLS version of 1.3) using TLS 1.2 via a GSM modem module? Does that sound correct? I'm not a security expert, but this seems unexpected.
Azure Functions
{count} votes
-
Deleted
This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 22%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESE%3C/text%3E%3C/svg%3E)
Shireesha Eeraboina 3,435 Reputation points Microsoft External Staff Moderator2025-04-07T06:52:18.56+00:00 Hi DJ,
If your Azure Function App is configured with a minimum TLS version of 1.3, it should ideally reject connections using TLS 1.2. If you are still able to connect using TLS 1.2, this could indicate a misconfiguration or a potential security concern. It's important to ensure that the minimum TLS version is enforced correctly to maintain security standards.
For your reference, please review the following documentation for further clarification:
I hope this addresses your query. Please let me know if you need any further assistance or clarification.
-
DJ 50 Reputation points
2025-04-07T19:29:41.5+00:00 Thank you for your reply. There is something wrong with azurewebsites.net after a recent update.
Due to this TLS issue created recently, my devices are all affected?
Would you be part of the TLS or App development team?
Can you PM so I can provide some additional information?
-
Shireesha Eeraboina 3,435 Reputation points Microsoft External Staff Moderator
2025-04-10T06:03:28.4833333+00:00 Hello DJ,
I apologize for the delay in my response and thank you for your understanding.
Could you please clarify which maintenance you're referring to—was it the Iridias - Maintenance? If so, we’ve reviewed the Releases · Azure/AppService, and we don’t see any updates related to TLS being pushed as part of that.
As previously shared, Azure Function Apps use TLS 1.2 by default, and we haven't observed any changes to that configuration recently.
If you’re still encountering TLS-related issues, we may need to engage the networking team and perform a packet capture to understand what’s causing the TLS errors.
I hope this addresses your query. Please let me know if you need any further assistance or clarification.
-
DJ 50 Reputation points
2025-04-10T06:54:38.11+00:00 @Shireesha Eeraboina the cause is in TLS handshake when our devices are configured to accept all TLS. We do not get a server response hello message. Can you engage with someone to help solve this issue?
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(41.6, 13%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPK%3C/text%3E%3C/svg%3E)
Pravallika Kothaveeranna Gari 955 Reputation points Microsoft External Staff Moderator2025-04-11T11:48:03.2633333+00:00 DJ, If there is a TLS version mismatch between client and server, the connection will fail. For example, if a server supports only TLS 1.2 and the client requests TLS 1.3, the connection will fail. Please check and confirm if you have encountered such compatibility issues.