Function app python need client certificate enabled for incomming request

Shaik Rahiman (UK) 1 Reputation point
2022-06-22T12:25:33+00:00

Hi,

We need to enable client certificate enabled for Azure function app with python. Please let me know steps and how to validate in FA python.

Azure Web Apps
Azure Web Apps
A feature of Azure App Service used to create and deploy scalable, mission-critical web apps.
4,321 questions
Azure Functions
Azure Functions
An Azure service that provides an event-driven serverless compute platform.
2,601 questions
No comments
{count} votes

1 answer

Sort by: Most helpful
  1. SnehaAgrawal-MSFT 11,256 Reputation points Microsoft Employee
    2022-06-23T08:35:31.177+00:00

    Thanks for reaching here! To enable client certificates from Azure Portal follow below steps:

    1. From the left navigation of your app's management page, select Configuration > General Settings.
    2. Set Client certificate mode to Require. Click Save at the top of the page.

    You may set from Azure CLI also, run the following command in the Cloud Shell:

    az webapp update --set clientCertEnabled=true --name <app-name> --resource-group <group-name>   
    

    Also In App Service, TLS termination of the request happens at the frontend load balancer.

    When forwarding the request to your app code with client certificates enabled, App Service injects an X-ARR-ClientCert request header with the client certificate.
    App Service does not do anything with this client certificate other than forwarding it to your app. Your app code is responsible for validating the client certificate.

    You may refer to this detailed document link: https://learn.microsoft.com/en-us/azure/app-service/app-service-web-configure-tls-mutual-auth#enable-client-certificates

    For How to decode X-ARR-ClientCert header using Python you may refer this discussion.

    Let us know if further query or issue remains.

    No comments