TLS issues

What is happening

Microsoft has an initiative to disable anything less than TLS 1.2 for security reasons. The Microsoft TLS 1.0 implementation has no known security vulnerabilities, but because of the potential for future protocol downgrade attacks and other TLS vulnerabilities, Office, for instance, is discontinuing support for TLS 1.0 and 1.1 in Microsoft Office 365.

As this initiative goes through, you are asking more and more questions about the fact that some services deployed to Azure require TLS 2.0, and this is caught by MSAL.NET. See, for instance, #657.

MSAL.NET already supports TLS 2.0 (as did previous versions). Some of you have proposed setting System.Net.ServicePointManager.SecurityProtocol to System.Net.SecurityProtocolType.Tls12. However, this is not the right fix: when TLS 1.3 shows up, the apps would have to change.

What is the right fix?

We suggest you read Transport Layer Security (TLS) best practices with the .NET Framework. The simplest fix, if you can, is to make sure your app moves to .NET Framework 4.7+; otherwise, the best practices document details your options.
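A startup check that flags a protocol pinned in code or a legacy default, instead of setting Tls12 as proposed above. This is an added example, not MSAL.NET code. It assumes an app compiled against .NET Framework 4.7+ (where SecurityProtocolType.SystemDefault exists), and the TlsConfigAudit class and its Check method are hypothetical names.

```csharp
using System;
using System.Net;

// Added example (not MSAL.NET code): audits the process-wide TLS setting at startup.
// TlsConfigAudit and Check are hypothetical names chosen for this illustration.
static class TlsConfigAudit
{
    // Protocols older than TLS 1.2.
    const SecurityProtocolType Legacy =
        SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls | SecurityProtocolType.Tls11;

    // Returns null when the OS chooses the protocol, otherwise a finding to log.
    public static string Check(SecurityProtocolType configured)
    {
        // SystemDefault (value 0) defers to the OS, so a newer TLS version is
        // picked up without changing or redeploying the app.
        if (configured == SecurityProtocolType.SystemDefault)
            return null;

        // Typical default when the app still targets a pre-4.7 framework.
        if ((configured & Legacy) != 0)
            return "Legacy protocol enabled: " + configured;

        // No legacy bits, but the value is fixed in code or config.
        return "Protocol pinned (" + configured + "); the app must change to use newer TLS versions";
    }

    static void Main()
    {
        // The pinning proposed above, left commented out and shown only for contrast:
        // ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
        Console.WriteLine(Check(SecurityProtocolType.Tls12) ?? "OK: OS default");

        // What this process is actually configured to use.
        Console.WriteLine(Check(ServicePointManager.SecurityProtocol) ?? "OK: OS default");
    }
}
```

If the second line reports a finding in an app that never sets SecurityProtocol itself, the app is most likely still targeting a framework version older than 4.7.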