"502 Bad Gateway" error when I set "Client certificate mode" to "Require"

Mohsen Akhavan 741 Reputation points

I have a Web App and an Application Gateway. I configure the backend and listener.
In Web App, I have to set "Client certificate mode" to "Require" in the general setting.


When I set this configuration I can not open the web app and I receive this error:


In the Health Probe, I received "UnHealthy" and the below error:

Received invalid status code: 403 in the backend server’s HTTP response. As per the health probe configuration, 200-399 is the acceptable status code. Either modify probe configuration or resolve backend issues.  

But, when I change the configuration to the "Allow" or other items, the web app and Application Gateway work well.


What is the problem?

Azure App Services
Azure App Services
A feature of Azure App Service used to create and deploy scalable, mission-critical web apps.
4,560 questions
Azure Application Gateway
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
610 questions
Azure Web Application Firewall
No comments
{count} votes

Accepted answer
  1. Cristian SPIRIDON 4,301 Reputation points


    If you want to enable client certificate in App Gateway scenarios you should exclude the probe url from this:


    The probe url should be a public url used only for sanity checking and you are safe to exclude this. You can exclude also any other public urls.

    Hope this helps!

0 additional answers

Sort by: Most helpful