How can we improve Azure API Management?

Improved mutual certificate authentication for front-end / public endpoint

The current method of verifying client certificates is by hard-coding the certificate thumbprint into a conditional in the policy.

A better solution would be to be able to match the incoming thumbprint to ALL thumbprints in the uploaded SSL key stores. As described in the last paragraph here:
https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-mutual-certificates-for-clients

However, currently only the private certificates are exposed in the context variable (context.Deployment.Certificates) rendering the aforementioned code non-working.

35 votes
Vote
Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)
You have left! (?) (thinking…)
Gustav shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

1 comment

Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)
Submitting...

Feedback and Knowledge Base