Share via

App Certificate Authentication

Christian Frei 0 Reputation points
2024-02-21T09:17:11.7266667+00:00

Hi all We are struglig with maybe a simple question. Scenario: An external app should use a client certificate to authenticate before making POST requests to our Azure App. Problem: We created pfx file for client (e.g. Postman) to authenticate against the Azure service. We used an ssl certificate bought from digicert. Apparently this isn't the right approach. We get always a 403 error and looking at certifcation chain we see in the certification validation, that certificate seems not valid for the selected purpose. Question: What certificate do we need to buy to enable the scenario? A client certificate like for S/MIME? We want to use public certificates and not privately signed for the root CA. Thanks, appreciate Chris

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
8,930 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. brtrach-MSFT 17,731 Reputation points Microsoft Employee Moderator
    2024-02-24T22:24:42.37+00:00

    @Christian Frei If you are using a signed CA cert, it must meet the below requirements:

    If you choose to upload or import a private certificate to App Service, your certificate must meet the following requirements:

    • Exported as a password protected PFX file, encrypted using triple DES.
    • Contains a private key at least 2048 bits long.
    • Contains all intermediate certificates and the root certificate in the certificate chain.

    If your certificate meets these requirements and you're still receiving a 403 error, reply back to this message and we will assist you further.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.