Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
NWebsec.AzureStartupTasks provides an Azure startup task to harden the TLS configuration of Azure instances. Note that the startup tasks are built for Azure cloud services, they are not suitable for Azure websites.
You'll find the library on NuGet: NWebsec.AzureStartupTasks. You can also get it under "Releases".
You can take advantage of the scripts in several ways:
- Cloud service project
- Install the NuGet package in the web application project and add a few lines of config to the ServiceDefinition.csdef file in your cloud service project.
- Download the scripts and add them with relevant configuration to your projects.
- Stand-alone servers
- Download the package and user the PowerShell scripts directly. To see how the configuration is hardened, refer to TLS hardening.
To learn why you should harden the default TLS configuration, see the blog post: Hardening Windows Server 2008/2012 and Azure SSL/TLS configuration.