Client-Side Certificate Authentication with Azure and Apache/Rails RRS feed

  • Question

  • I have an API Management Portal with Azure, which is connected to a Linux VM running a small Rails API. I've been given the directive to use client-side certificates to authenticate, allowing any authenticated user access to all of the API's actions. I have a server-side certificate, but I'm not sure how to hook that up to my management portal. Ideally, what I'd like to see is authentication through Apache, and then authorization through the app itself (matching records to the correct user).
    Saturday, October 8, 2016 6:34 PM

All replies

  • Hello,

    We are checking on the query and would get back to you soon on this.

    I apologize for the inconvenience and appreciate your time and patience in this matter.


    Sunday, October 9, 2016 10:48 AM
  • Thank you for working on this on the weekend!
    Sunday, October 9, 2016 2:51 PM
  • Hello PaulMulligan,

    To accept client certificates on the front-end please follow the instructions here and let us know the feedback.


    Hope it helps!



    If a post answers your question, please click Mark as Answer on that post and Vote as Helpful.

    Wednesday, October 12, 2016 6:48 AM
  • This is a good article, but unfortunately, I've already done this step. I have the certificate thumbprint loaded in the headers for api calls, but I'm still not getting authenticated when I try to make api calls.
    Wednesday, October 12, 2016 1:10 PM
  • Hello PaulMulligan,

    We are checking on your query internally and will get back to you soon with an update.


    Thursday, October 13, 2016 3:19 AM
  • Any update on this?

    I've been doing something similar from a Node .JS application and when I call the appropriate API in APIM that uses proxy authentication (client certificate auth) I see the following error when testing against it:

    { Error: Unauthorized: Client certificate required (UNABLE_TO_GET_ISSUER_CERT)

    The chain is provided in the PFX and testing the API directly, bypassing APIM works with a client certificate.


    Thursday, November 17, 2016 5:41 PM