How to turn off SSL validation on an Azure API Management policy?
Question
I have APIM setup and i am adding a validate-jwt policy to my apis. I have my own openid connect server. however when i add the policy i get an error that it could not connect to my openid-configuration endpoint because it can't validate the certificate.
my identity server is hosted in my service fabric cluster and is in a dev environment so i am using a self-signed certificate.
is there any way to tell APIM to trust the certificate so it can contact my server?
<validate-jwt header-name=”Authorization” failed-validation-httpcode=”401″ failed-validation-error-message=”Access token is missing or invalid.”>
<openid-config url=”https://myserver/.well-known/openid-configuration” />
<required-claims>
...
</required-claims>
</validate-jwt>
Thanks for any help.
1 answers
solution1
0 2019-06-03 09:07:34
I don't think it's possible at the moment. You could switch to http instead of https in openid-config, if you're comfortable with that.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.