Cache Remove Tls 10 11 - Document Details

About This Page

This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.

View on GitHub 📚 View on Microsoft Learn

Bias Analysis

Detected Bias Types

powershell_heavy

missing_linux_example

windows_tools

windows_first

Summary

The documentation page demonstrates a Windows bias by providing only PowerShell scripts and commands for checking and configuring TLS settings, with no equivalent Bash, Linux shell, or cross-platform examples. The use of PowerShell and references to the Az.RedisCache module are specific to Windows environments, and there is no mention of Linux tools or commands for performing the same tasks. The CLI section is minimal and does not provide a Linux-friendly workflow for updating existing caches. The order of presentation also places Windows/PowerShell instructions before any mention of CLI or cross-platform approaches.

Recommendations

Provide equivalent Bash or shell script examples for checking TLS versions from Linux environments, using tools like openssl or nmap.
Include Azure CLI commands for both creating and updating the Minimum TLS version, and clarify any limitations or workarounds for Linux users.
When presenting scripts or commands, offer both Windows (PowerShell) and Linux (Bash/shell) examples side by side.
Reference cross-platform tools (e.g., openssl s_client) for TLS version checks.
Avoid assuming the use of Windows-specific modules or tools; mention alternatives for Linux/macOS users.
Ensure that CLI and cross-platform instructions are given equal prominence and not relegated to secondary status after Windows/PowerShell instructions.

Create Pull Request

Scan History

Date	Scan	Status	Result
2025-07-12 23:44	#41	cancelled	Biased
2025-07-12 00:58	#8	cancelled	Clean
2025-07-10 05:06	#7	processing	Clean
2025-07-09 23:22	#6	cancelled	Clean

Flagged Code Snippets

   Set-AzRedisCache -Name <YourRedisCacheName> -MinimumTlsVersion "1.2"

    param(
    [Parameter(Mandatory=$true)]
    [string]$redisCacheName,
    [Parameter(Mandatory=$false)]
    [string]$dnsSuffix = ".redis.cache.windows.net",
    [Parameter(Mandatory=$false)]
    [int]$connectionPort = 6380,
    [Parameter(Mandatory=$false)]
    [int]$timeoutMS = 2000
    )
    $redisEndpoint = "$redisCacheName$dnsSuffix"
    $protocols = @(
        [System.Security.Authentication.SslProtocols]::Tls,
        [System.Security.Authentication.SslProtocols]::Tls11,
        [System.Security.Authentication.SslProtocols]::Tls12
    )
    $protocols | % {
        $ver = $_
        $tcpClientSocket = New-Object Net.Sockets.TcpClient($redisEndpoint, $connectionPort )
        if(!$tcpClientSocket)
        {
            Write-Error "$ver- Error Opening Connection: $port on $computername Unreachable"
            exit 1;
        }
        else
        {
            $tcpstream = $tcpClientSocket.GetStream()
            $sslStream = New-Object System.Net.Security.SslStream($tcpstream,$false)
            $sslStream.ReadTimeout = $timeoutMS
            $sslStream.WriteTimeout = $timeoutMS
            try
            {
                $sslStream.AuthenticateAsClient($redisEndpoint, $null, $ver, $false)
                Write-Host "$ver Enabled"
            }
            catch [System.IO.IOException]
            {
                $null = $_
                #Write-Host "$ver Disabled"
            }
            catch
            {
                $null = $_
                #Write-Error "Unexpected exception $_"
            }
        }
    }