Updated default TLS policy for Azure Application Gateway
Published date: July 27, 2023
We have updated the default TLS configuration for new deployments of the Application Gateway to Predefined AppGwSslPolicy20220101 policy to improve the default security. This recently introduced, generally available, predefined policy ensures better security with minimum TLS version 1.2 (up to TLS v1.3) and stronger cipher suites.
The default policy change applies to API versions (2023-02-01 or higher). The AppGwSslPolicy20220101 policy gets auto applied when no specific TLS policy is defined in the resource configuration during deployment. You can, however, choose to modify to any other TLS policy later, depending on your needs.