Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Problem:
Customer follows this blog to use armclient to enable client certificate for his web site. Issuing the armclient PUT command results in the following error:
HTTP/1.1 400 BadRequest
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
x-ms-ratelimit-remaining-subscription-writes: 1199
x-ms-request-id: befeee1f-ac33-4d84-8f04-0ff36d9aa698
x-ms-correlation-request-id: befeee1f-ac33-4d84-8f04-0ff36d9aa698
x-ms-routing-request-id: WESTUS2:20170312T180143Z:befeee1f-ac33-4d84-8f04-0ff36d9aa698
Cache-Control: no-cache
Date: Sun, 12 Mar 2017 18:01:42 GMT
ETag: "1D29B57E7FD6890"
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
{
"Code": "BadRequest",
"Message": "Cannot enable client certificate for a site 'MyWebSite' because current site mode does not allow it.",
"Target": null,
"Details": [
{
"Message": "Cannot enable client certificate for a site 'MyWebSite' because current site mode does not allow it."
},
{
"Code": "BadRequest"
},
{
"ErrorEntity": {
"Code": "BadRequest",
"Message": "Cannot enable client certificate for a site 'MyWebSite' because current site mode does not allow it.",
"ExtendedCode": "04104",
"MessageTemplate": "Cannot enable client certificate for a site '{0}' because current site mode does not allow it.",
"Parameters": [
"MyWebSite"
],
"InnerErrors": null
}
}
],
"Innererror": null
}
Resolution:
The above error can happen if the Azure web site is running in either Free or Shared pricing tier, which do not have support for client certificate. Customer needs to scale up to a dedicated app service plan.
Reference: