[英]How to turn off SSL validation on an Azure API Management policy?
I have APIM setup and i am adding a validate-jwt policy to my apis. 我有APIM设置,我正在向我的apis添加validate-jwt策略。 I have my own openid connect server. 我有自己的openid连接服务器。 however when i add the policy i get an error that it could not connect to my openid-configuration endpoint because it can't validate the certificate. 但是当我添加策略时,我收到一个错误,它无法连接到我的openid配置端点,因为它无法验证证书。
my identity server is hosted in my service fabric cluster and is in a dev environment so i am using a self-signed certificate. 我的身份服务器托管在我的服务结构集群中,并且处于开发环境中,因此我使用的是自签名证书。
is there any way to tell APIM to trust the certificate so it can contact my server? 有没有办法告诉APIM信任证书,以便它可以联系我的服务器?
<validate-jwt header-name=”Authorization” failed-validation-httpcode=”401″ failed-validation-error-message=”Access token is missing or invalid.”>
<openid-config url=”https://myserver/.well-known/openid-configuration” />
<required-claims>
...
</required-claims>
</validate-jwt>
Thanks for any help. 谢谢你的帮助。
I don't think it's possible at the moment. 我认为目前不可能。 You could switch to http instead of https in openid-config, if you're comfortable with that. 如果您对此感到满意,可以在openid-config中切换到http而不是https。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.