I am trying to validate a client certificate in Azure API management using context.Request.Certificate.Verify()
method. I have tried the following steps:
context.Request.Certificate.Verify()
.Now, when I try to call APIM api with client certificate, the above method (step 4) is always coming as False, verified from apim trace. Not sure, what and where I am doing wrong things. Any help/guidance or any article is really helpful.
For client certificate validation in Azure API management generally following steps are required.
You van utilize this guide to set up the CA.
I faced the similar issues, Investigation Summary / Cause are below:
2 options to fix the issue
Note: If certificate.verify is a mandatory order from your security team, then you would have to purchase a certificate from trusted CA o you need to VerifyNoRevocation since apim cannot retrieve revocation list information and VerifyNoRevocation will still perform verifying certificate path as well
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.