Thursday, May 23, 2024

Secure APIs using Client Certificate in API Management

Let's see how to secure an API with a client certificate in Azure API Management. Before starting, check two things on the API Management instance:

  • Make sure an SSL certificate is added on the custom domain
  • "Negotiate client certificate" is checked for that domain

Now let's generate a custom client certificate to be used on the client side, using Windows PowerShell (run as administrator, since it writes to the LocalMachine store):

```powershell
# Create a self-signed certificate in the LocalMachine\My store, valid for 10 years.
New-SelfSignedCertificate -DnsName "azure365pro", "azure365pro" -CertStoreLocation "cert:\LocalMachine\My" -NotAfter (Get-Date).AddYears(10) -FriendlyName "CAazure365pro" -KeyUsageProperty All -KeyUsage CertSign, CRLSign, DigitalSignature

# Password that protects the exported PFX (private key included).
$mypwd = ConvertTo-SecureString -String "123" -Force -AsPlainText

# Export the certificate by its thumbprint (use the thumbprint printed by New-SelfSignedCertificate) to a PFX file.
Get-ChildItem -Path cert:\localMachine\my\4D589CA579F672252668920A54D52DEDB16A9688 | Export-PfxCertificate -FilePath "C:\Scripts\certs.pfx" -Password $mypwd
```

Now the certificate is ready.

Add Certificates

You can reference the certificate from Key Vault; in this case we are uploading it directly.

Now update the inbound policy as below to check the thumbprint directly, without uploading the certificate to API Management:

If you want to validate against the uploaded client certificates list instead, use the policy below:
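The two inbound policies described above, as an added example that is not the post's own policy text. The thumbprint value is a placeholder to be replaced with the one printed by New-SelfSignedCertificate; the comment shows the alternative condition for option B (checking the uploaded certificates list):

```xml
<policies>
    <inbound>
        <base />
        <!-- Reject requests that presented no client certificate at all. -->
        <choose>
            <when condition="@(context.Request.Certificate == null)">
                <return-response>
                    <set-status code="401" reason="Client certificate required" />
                </return-response>
            </when>
        </choose>
        <!-- Option A: pin the expected thumbprint in the policy itself.
             PLACEHOLDER_THUMBPRINT is an assumed value; .NET reports thumbprints as uppercase hex. -->
        <choose>
            <when condition="@(context.Request.Certificate.Thumbprint != "PLACEHOLDER_THUMBPRINT")">
                <return-response>
                    <set-status code="403" reason="Invalid client certificate" />
                </return-response>
            </when>
        </choose>
        <!-- Option B: accept only certificates uploaded to API Management.
             Replace the <when> condition above with:
             @(!context.Deployment.Certificates.Any(c => c.Value.Thumbprint == context.Request.Certificate.Thumbprint)) -->
    </inbound>
    <backend>
        <base />
    </backend>
    <outbound>
        <base />
    </outbound>
    <on-error>
        <base />
    </on-error>
</policies>
```

Because the certificate generated above is self-signed, a chain check such as context.Request.Certificate.Verify() would fail unless its issuer is trusted by the gateway, which is why both options compare thumbprints instead.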

Now let's call the API with the client certificate using Postman.

Add the certificate

If you call the API without a certificate:

If you call the API with the client certificate:

Satheshwaran Manoharan
https://www.azure365pro.com
Award-winning Technology Leader with a wealth of experience running large teams and diversified industry exposure in cloud computing, from shipping lines to rolling stock. In-depth expertise in driving cloud adoption strategies and modernizing systems to cloud native. Specialized in Microsoft Cloud, DevOps, and the Microsoft 365 stack, and has conducted numerous successful projects worldwide. Also acting as a Technical Advisor for various start-ups.
