I am testing the authenticate-against-client-certificate functionality with the out-of-the-box Echo API GET request. I have added an inbound rule to check that the request has a certificate.
I am using a self-signed certificate; I have updated it under CA and client certificates.
    <inbound>
        <choose>
            <when condition="@(context.Request.Certificate == null)">
                <return-response>
                    <set-status code="403" reason="Invalid client certificate"/>
                </return-response>
            </when>
        </choose>
        <base />
    </inbound>
In my client application, I am using the code below to make the call:
    using System.Linq;
    using System.Net.Http;
    using System.Security;
    using System.Security.Cryptography.X509Certificates;

    public static void MakeAnAzureApiCall()
    {
        var url = @"https://xxxx.azure-api.net/echo/resource?param1=sample";

        // Attach the client certificate manually instead of letting the handler pick one.
        var handler = new WebRequestHandler();
        handler.ClientCertificateOptions = ClientCertificateOption.Manual;

        // Build the PFX password as a read-only SecureString.
        SecureString sec = new SecureString();
        string pwd = "P@ssw0rd";
        pwd.ToCharArray().ToList().ForEach(sec.AppendChar);
        sec.MakeReadOnly();

        // Load the certificate together with its private key from the PFX file.
        var cert = new X509Certificate2(@"C:\temp\apim.pfx", sec, X509KeyStorageFlags.MachineKeySet);
        //X509Certificate2.CreateFromCertFile(@"C:\temp\apim1.cer");
        handler.ClientCertificates.Add(cert);

        // Send the GET request with the APIM subscription key header.
        var client = new HttpClient(handler);
        var request = new HttpRequestMessage(HttpMethod.Get, url);
        request.Headers.TryAddWithoutValidation("Ocp-Apim-Subscription-Key", "xxxxxxxxxxxxxxxxxx");
        var response = client.SendAsync(request).Result;
        string responseString = response.Content.ReadAsStringAsync().Result;
    }
I am always getting a 403 response from API Management; it looks like the cert is never received by APIM. Does anyone know what I am doing wrong here?