We are using windows azure to host our website and an SSL certificate. The SSL binding has an SSL type of SNI SSL
. It works fine in most browsers but some browsers who do not support SNI(Server Name Indication) are complaining about the certificate. The certificate provider (Globalsign) is saying a default
or fall-back
certificate can be configured for those browsers who do not support SNI but just wondering how this can be set-up on azure. I m looking for a walk-through or a a list of steps. I have referred to this page but there is no mention of default or fall-back certificates, neither can find any thing obvious on azure portal. Any ideas? thanks
0
votes
1 Answers
1
votes
The fallback Certificate relies on having an SSL 3 certificate - as this is the best that ie6 can manage.
Unfortunately there are a lot of exploits available for SSL3, and Microsoft disabled it across all of its online services in 2015. For this reason you cannot configure Azure to work with pre ie6 clients.
Microsoft is announcing that with the release of security update 3038314 on April 14, 2015 SSL 3.0 is disabled by default in Internet Explorer 11. Microsoft is also announcing that SSL 3.0 will be disabled across Microsoft online services over the coming months.