According to a recent change, SharePoint accepts communication only over TLS 1.2 (TLS 1.1 is deprecated).
If the Web App code is running on the older version of the .NET framework (i.e. 4.5), then it uses TLS version 1.1 as a default.
Hence the communication to SharePoint site is failing.
For an Immediate Fix we can update the Web App web.config file from the Kudu site (<app-name>.scm.azurewebsites.net) to point to the latest .NET framework version that uses the TLS version 1.2 by default.
Once on the Kudu site, navigate to the Debug Console -> CMD -> Drop into site/wwwroot path.
Once here we can edit the file directly in Kudu by clicking on the Pen Icon and update the below attributes in the System.Web section:
<system.web>
<compilation version "4.7.2">
<httpRuntime targetFramework="4.7.2" />
</system.web>
The disablement of TLS 1.0 and 1.1 for Microsoft 365 is mentioned in this document-
https://learn.microsoft.com/en-us/microsoft-365/compliance/tls-1.0-and-1.1-deprecation-for-office-365?view=o365-worldwide
For a Permanent Fix we can do either of the following,
- Update your Web App code to use the latest .NET framework (i.e. 4.6 and Above) which uses TLS version 1.2 as its default.
- If you cannot upgrade the code to the latest .NET framework version, then be sure to explicitly specify in your Web App code to use the TLS version 1.2 for communication by using this line: [Net.ServicePointManager]::SecurityProtocol = "tls12, tls11, tls"