Allow Mutual SSL Auth on Application Gateway

At the moment SSL termination is possible with Application Gateway but it doesn't cater for instances where client authentication is required (mutual auth). So if client auth is required, SSL needs to be passed through and terminated on each of the web servers. This increases load across the server farm and makes management of certificates more difficult since all certs need to be maintained on all servers. I believe this function is available with API Management but the additional cost is hard to justify if one doesn't require the other additional features. So having mutual SSL auth capability built into the Application Gateway would be fantastic.

801 votes

Vote

(thinking…)

Microsoft

Forgot password?

Create a password

Signed in as (Sign out)

You have left! (?) (thinking…)

Brandon shared this idea · August 18, 2015 · Flag idea as inappropriate… · Admin →

planned ·

AdminAzure Networking Team (Product Manager, Microsoft Azure) responded · October 09, 2018

Thanks for all your feedback so far. This is something we are looking to address relatively soon. Please stay tuned.

Show previous admin responses (3)

45 comments

Add a comment…

Attach a File

(thinking…)

Microsoft

Forgot password?

Create a password

Signed in as (Sign out)

Submitting...

An error occurred while saving the comment

Anonymous commented · July 25, 2019 03:48 · Flag as inappropriate

news?

Submitting...
Timir commented · July 20, 2019 07:49 · Flag as inappropriate

Is it something available now?

Submitting...
Chad commented · July 09, 2019 09:32 · Flag as inappropriate

Please consider adding a "x-forwarded-client-cert" style header so we can validate the client certificate in downstream proxies (ex: Azure Api Management)

Submitting...
Daniel Scheiner commented · July 04, 2019 07:41 · Flag as inappropriate

It has been 3 years... can the community help?
Your customers are getting concerned!

Submitting...
Jean-Yves LAUGEL commented · June 26, 2019 01:17 · Flag as inappropriate

Any news ? Any ETA ?
Thanks !

Submitting...
ross baker commented · June 24, 2019 02:03 · Flag as inappropriate

Hi any update please ?

Submitting...
Anonymous commented · May 10, 2019 06:15 · Flag as inappropriate

Any updates on this?

Submitting...
Param Bindra commented · May 01, 2019 13:36 · Flag as inappropriate

This was reported in 2015 and planned working on Oct 2018. This is much needed feature. Do we have it now? Please confirm.

Submitting...
Martin Francis commented · April 22, 2019 06:59 · Flag as inappropriate

would this cover mutual TLS . Use case would be to only allow traffic from specific clients to be allowed . Not requiring to allow clients based on IP

Submitting...
Harees Syed commented · April 17, 2019 12:17 · Flag as inappropriate

ETA please

Submitting...
AD Ruben Laureys commented · April 15, 2019 02:31 · Flag as inappropriate

ETA please? This is a much needed feature!

Submitting...
AD Koen Theyssens commented · April 15, 2019 01:47 · Flag as inappropriate

I need this to simplify my setup, any ETA?

Submitting...
Anonymous commented · April 15, 2019 01:38 · Flag as inappropriate

can this be arranged/developed please?

Submitting...
Hans Rombauts commented · April 12, 2019 00:47 · Flag as inappropriate

Any update? ETA?

Submitting...
Bjorn Hoorelbeke commented · April 12, 2019 00:40 · Flag as inappropriate

Any update yet please?

Submitting...
Benoy George commented · April 04, 2019 15:13 · Flag as inappropriate

Also, this must be made compatible for use with Azure Traffic Manager

Submitting...
Benoy George commented · April 04, 2019 15:08 · Flag as inappropriate

Any update?

Submitting...
Seth Garfinkel commented · April 03, 2019 08:09 · Flag as inappropriate

This is ridiculous. How many more years are we going to have to wait for this?? We are coming up on 4 years! Come on MS!

Submitting...
Srikant commented · March 18, 2019 06:10 · Flag as inappropriate

This feature is very much needed from security point of view. Is there an ETA by when it can be expected ?

Submitting...
Anonymous commented · March 06, 2019 02:42 · Flag as inappropriate

Any update?

Submitting...