Implementing mTLS authentication in azure app service node.js app.

Vishnu Rana 0 Reputation points
2024-03-23T13:44:50.11+00:00

Hi,

To implement mTLS client authentication in azure app service node.js app, I did the following task:

  1. Created a certificate using Azure "App Service Certificate" & exported as p12
  2. Configured custom domain for the node.js app
  3. Configured certificate to custom domain
  4. Created mTLS client authentication certificate (using openssl) from exported certificate (p12)
  5. In azure app service, Client certificate mode is set to required
  6. In azure app service, set environment variables “WEBSITE_LOAD_CERTIFICATES” and “WEBSITE_LOAD_ROOT_CERTIFICATES” to value certificate thumbprint
  7. Implemented mTLS client authentication certificate in node.js and other relevant codes

Still, getting error “You don't have authorisation to view this page. HTTP ERROR 403”

Is there something, am I missing out?

Regards,

Vishnu Rana

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
6,830 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Deepanshu katara 4,350 Reputation points
    2024-03-23T17:42:05.97+00:00

    Hi ,

    Please Verify Certificate Thumbprint: Double-check that the thumbprint you've configured in the WEBSITE_LOAD_CERTIFICATES and WEBSITE_LOAD_ROOT_CERTIFICATES environment variables matches the thumbprint of the certificate you've uploaded to Azure App Service. Even a small typo in the thumbprint can cause authentication failures.

    Kindly check and let us know