I have been trying, without success, to disable the RC4 Cipher on Azure. I came across a code sample that worked with a Web Role:
string[] subKeys = new string[]
{
"RC4 40/128",
"RC4 56/128",
"RC4 64/128",
"RC4 128/128",
};
RegistryKey parentKey = Registry.LocalMachine.OpenSubKey(@"SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers", true);
foreach(string keyName in subKeys)
{
var newKey = parentKey.CreateSubKey(keyName);
newKey.SetValue("Enabled", 0);
newKey.Close();
}
As we are using WebApp's, I created a WebJob containing the code above. When executed I get a security exception:
System.Security.SecurityException: Requested registry access is not allowed.
Is there a way to run a WebJob in an elevated execution context? Or a way to use PowerShell?
We are currently being audited and this was flagged as something which requires attention.
You cannot achieve this with a WebApp. Because WebApps run in a multi-tenanted environment access to the registry is restricted. This page contains a feature comparison between WebApps and WebRoles.
https://azure.microsoft.com/en-gb/documentation/articles/choose-web-site-cloud-service-vm/