none
Certificate "Subject Alternative Name" Field

    Question

  • How do I access the "Subject Alternative Name" field of a client certificate on the APIM frontend?

    I can't seem to access this using the "context.Request.Certificate", Extensions collection (context.Request.Certificate.Extensions).

    This is my code but when I try and save this in the APIM Policy window I get the following error.

    Error in element 'set-header' on line 69, column 10: Usage of type 'System.Security.Cryptography.AsnEncodedData' is not supported within expressions

    The code works fine if I run it within vscode (and replace "context.Request.Certificate" with my own certificate object containing the same certificate file).

    Any help appreciated.

    ##### CODE Below ####
                    var certSAN = "";
                    foreach (X509Extension certExtension in context.Request.Certificate.Extensions)
                    {
                        AsnEncodedData asndata = new AsnEncodedData(certExtension.Oid, certExtension.RawData);
                        if (asndata.Oid.Value.Equals("2.5.29.17"))
                        {
                            certSAN = asndata.Format(true);
                        }
                    }
                    return certSAN;


    • Edited by TheR00nster Wednesday, December 5, 2018 8:27 PM
    Wednesday, December 5, 2018 4:18 PM

All replies