I have a VM scale set with this image:
Publisher: MicrosoftWindowsServer
Offer: WindowsServer
SKU: 2016-Datacenter-with-Containers
Version: latest
These machines are running SSL web endpoint hosted in service fabric. The website is build in dotnetcore with a WebListener which propably uses the http.sys
I was wondering why new VM images still supports RC4 ciphers and how to disable them. I don't want to do it manually because that will break to autoscaling.
Similar issue, but then for Worker roles: How to disable RC4 cipher on Azure Web Roles
Treating this as two separate questions:
For the Windows 2016 virtual machine images - typically backwards compatibility is prioritized to avoid breaking existing applications which rely on older protocols. Adding the windows-server-2016 tag in case anyone wants to comment further on that.
For scale sets - Write a custom script extension to apply the same changes you'd have applied manually. This will then apply to every VM, and new VMs that are subsequently created.