"502 Bad Gateway" error when I set "Client certificate mode" to "Require"

Mohsen Akhavan 936 Reputation points

I have a Web App and an Application Gateway. I configure the backend and listener.
In Web App, I have to set "Client certificate mode" to "Require" in the general setting.


When I set this configuration I can not open the web app and I receive this error:


In the Health Probe, I received "UnHealthy" and the below error:

Received invalid status code: 403 in the backend server’s HTTP response. As per the health probe configuration, 200-399 is the acceptable status code. Either modify probe configuration or resolve backend issues.  

But, when I change the configuration to the "Allow" or other items, the web app and Application Gateway work well.


What is the problem?

Azure Application Gateway
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
955 questions
Azure Web Application Firewall
Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
6,833 questions
0 comments No comments
{count} votes

Accepted answer
  1. Cristian SPIRIDON 4,471 Reputation points


    If you want to enable client certificate in App Gateway scenarios you should exclude the probe url from this:


    The probe url should be a public url used only for sanity checking and you are safe to exclude this. You can exclude also any other public urls.

    Hope this helps!

    0 comments No comments

0 additional answers

Sort by: Most helpful