Allow Mutual SSL Auth on Application Gateway
At the moment SSL termination is possible with Application Gateway but it doesn't cater for instances where client authentication is required (mutual auth). So if client auth is required, SSL needs to be passed through and terminated on each of the web servers. This increases load across the server farm and makes management of certificates more difficult since all certs need to be maintained on all servers. I believe this function is available with API Management but the additional cost is hard to justify if one doesn't require the other additional features. So having mutual SSL auth capability built into the Application Gateway would be fantastic.
Thanks for all your feedback so far. This is something we are looking to address relatively soon. Please stay tuned.
Saty Krish commented
Do you have a timeline on when this will be available?
I would like to authorize my payload sending across to IOT hub via device using mutual SSL, is there any way I can do that?
For now i can only authorize using SAS token
naruhiro kawauchi commented
I'm troubled this issue, too.
koji aizawa commented
When this function is available? I'm troubled this issue...
Mutual Auth is already in the product backlog based on similar asks from other customers and it is something we will consider in the next planning phase.