authentication-certificate configuration in Azure Key Vault from an API Management policy

ssstestpbix 1 Reputation point
2021-05-17T12:33:01.017+00:00

I'm facing below issue-

One or more fields contain incorrect values:
Error in element 'authentication-certificate' on line 18, column 10: Exactly one of a thumbprint or certificate-id or body must be specified.

I'm configuring correct Certificate-id in inbound policy but getting above error . I have tried with thumbprint and body also .
<inbound>
<base />
<authentication-certificate certificate-id="client-certificate-dev" />
</inbound>

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,286 questions
Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
2,130 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. MayankBargali-MSFT 70,451 Reputation points
    2021-05-18T11:22:26.327+00:00

    Hi @ssstestpbix

    Welcome to Microsoft Q&A! Thanks for posting the question.

    When you are using authentication-certificate, Please make sure that the certificate needs to be installed into API Management first and is identified by its thumbprint or certificate ID (resource name).

    0 comments No comments

  2. Nimesh Patel 1 Reputation point
    2022-02-07T20:13:58.87+00:00

    I have same issue. certificate is installed into API Management's Certificate tab (from Key Vault). it still gives the error. Below is the error I receive:

    One or more fields contain incorrect values:
    Error in element 'authentication-certificate' on line 16, column 10: The Certificate with id 'testKVCert' and thumbprint 'XXXXXXXXXXXXXXXXXX' is configured with KeyVault secret 'https://kvtestldb.vault.azure.net/secrets/CERTtest' and cannot be referenced by thumbprint. Please reference it with certificate-id 'testKVCert' in the policy.

    How can I fix this issue? Please help!


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.