Azure Automation and Microsoft Graph TLS Version Issue

As you might have heard, Microsoft is rushing to get rid of older insecure TLS versions. TLS 1.2 is the new minimum in Microsoft 365 and a couple of days ago (on the 20th of February 2019 according to my logs) this also happened in Microsoft Graph. I noticed this because my Azure Automation runbooks with Graph calls stopped working. The error was this:

GraphTls1

Failed The underlying connection was closed: An unexpected error occurred on a send. (The underlying connection was closed: An unexpected error occurred on a send. (Unable to read data from the transport connection: Overlapped I/O event is not in a signaled state. (Overlapped I/O event is not in a signaled state)))

The message isn’t all that clear but it turns out that it’s a TLS issue where PowerShell in Azure Automation is using an older version which Graph won’t accept. This did not happen on my Windows 10 1809 workstation where the right TLS version was used by default when connecting to Graph.

I put the following line in my runbook scripts before querying Graph to force TLS 1.2 and that solved the issue.

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Problem solved:

GraphTls2

Please follow me here, on LinkedIn and on Twitter!

@DanielChronlund

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s