Azure Multi-Factor Authentication onprem Server User Portal
Category: azure multifactorauthentication
Question
NicholasCyg on Fri, 30 Sep 2016 07:23:14
Does Azure Multi-Factor Authentication onprem Server User Portal works only on TLS 1.0?
When I tried to disable tls 1.0 protocol on the server, user portal shows the following error:
Server Error in '/portal' Application.
An existing connection was forcibly closed by the remote host
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
|
Stack Trace:
|
Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.34280 Thanks in Advanced!
Replies
Neelesh Ray -MSFT on Fri, 30 Sep 2016 13:42:57
Hello,
We are checking on the query and would get back to you soon on this.
I apologize for the inconvenience and appreciate your time and patience in this matter.
Regards,
Neelesh
shawnb_ms on Mon, 03 Oct 2016 18:28:54
There shouldn't be any problem using TLS 1.2 with User Portal. Our engineers believe this is more likely to be an IIS configuration issue than an issue with User Portal. Are you able to get to the default page at the root of your website (such as iisstart.htm) using https?
If you are on Windows Server 2008, TLS 1.1 and 1.2 are not enabled by default.
https://forums.iis.net/t/1155254.aspx
http://tecadmin.net/enable-tls-on-windows-server-and-iis/#
NicholasCyg on Tue, 04 Oct 2016 09:45:44
Hi Shawn,
Yes we are able to access the iisstart.htm before & after TLS 1.0 is enabled.
With TLS 1.0 disabled and TLS 1.2 enabled.
We are still having error:
So back to our 1st question: Does Azure Multi-Factor Authentication onprem Server User Portal works only on TLS 1.0?
Thanks in Advanced.
NicholasCyg on Fri, 07 Oct 2016 01:49:16
Hi Shawn, Any updates? Thanks in Advances.
JaspreetNZ on Sun, 06 Nov 2016 22:36:39
Hi,
We are having the same issue. Disabling TLS 1.0 protocol breaks the Azure MFA portal. All other services :Mobile webservices and web service sdk remain operational except User Portal.
Thanks,
Jaspreet
Ryan.c. _ on Thu, 17 Aug 2017 21:33:43
I was able to resolve this issue by forcing .net framework to use TLS 1.2.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319
Add DWORD(32bit): SchUseStrongCrypto with value of 1
User portal now functional after disabling TLS 1.0 and 1.1