Network misconfigurations

Azure PostgreSQL flexible Server SSL enforcement disabled

Platform(s)
Compliance Frameworks

Description

Azure Database for PostgreSQL - Flexible Server supports connecting your client applications to the PostgreSQL service using Transport Layer Security (TLS), previously known as Secure Sockets Layer (SSL). TLS is an industry standard protocol that ensures encrypted network connections between your database server and client applications, allowing you to adhere to compliance requirements. By default, secured connectivity between the client and the server is enforced. It was detected that TLS/SSL is disabled for connecting to {AzurePostgresFlexibleServer} PostgreSQL flexible server - server parameter 'require_secure_transport' is set to to 'OFF'.
  • Recommended Mitigation

    For each PostgreSQL flexible Server, enable TLS/SSL by setting server parameter 'require_secure_transport' to 'ON'.