Sunday, October 2, 2022

Secure APIs using Client Certificate in API Management

Let’s see how to secure an API using a client certificate in Azure API Management.

  • Make sure an SSL certificate is added on the custom domain
  • Make sure Negotiate Certificate is checked

Now let’s generate a custom client certificate, to be used on the client side, with Windows PowerShell.

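# Create a self-signed certificate in the local machine store and note the thumbprint it prints
New-SelfSignedCertificate -DnsName "azure365pro", "azure365pro" -CertStoreLocation "cert:\LocalMachine\My" -NotAfter (Get-Date).AddYears(10) -FriendlyName "CAazure365pro" -KeyUsageProperty All -KeyUsage CertSign, CRLSign, DigitalSignature

# Password that protects the exported PFX ("123" is only a sample value; use a strong password)
$mypwd = ConvertTo-SecureString -String "123" -Force -AsPlainText

# Export the certificate with its private key; replace the thumbprint with the one from your own certificate
Get-ChildItem -Path cert:\localMachine\my\4D589CA579F672252668920A54D52DEDB16A9688 | Export-PfxCertificate -FilePath "C:\Scripts\certs.pfx" -Password $mypwd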

Now the certificate is ready.

Add Certificates

You can use Key Vault; in this case we are uploading the certificate directly.

Now update the inbound policy as below to check the thumbprint directly, without uploading the certificate to API Management.







If you want to validate against the uploaded client certificates list instead, use the policy below.
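
The two inbound checks described above (pinning a thumbprint, and matching against the certificates uploaded to API Management), written out as an added example that is not the original post's policy. It follows the pattern in Microsoft's API Management documentation and reuses the thumbprint from the export command above; the 403 reason text is an assumption.

```xml
<!-- Added example, not the original post's policy. -->
<policies>
    <inbound>
        <base />
        <!-- Variant 1: pin one thumbprint; nothing has to be uploaded to API Management.
             The value is the thumbprint from the export command above. The comparison is
             case-sensitive and .NET reports thumbprints in upper case. -->
        <choose>
            <when condition="@(context.Request.Certificate == null || context.Request.Certificate.Thumbprint != "4D589CA579F672252668920A54D52DEDB16A9688")">
                <return-response>
                    <!-- Reason text is an assumption; choose your own. -->
                    <set-status code="403" reason="Invalid client certificate" />
                </return-response>
            </when>
        </choose>
    </inbound>
    <backend><base /></backend>
    <outbound><base /></outbound>
    <on-error><base /></on-error>
</policies>

<!-- Variant 2: use this <choose> in place of the one above to accept any certificate
     from the list uploaded under Certificates in API Management.
     Adding "|| !context.Request.Certificate.Verify()" also checks the chain; for a
     self-signed certificate that only passes once it is uploaded as a CA certificate. -->
<choose>
    <when condition="@(context.Request.Certificate == null || !context.Deployment.Certificates.Any(c => c.Value.Thumbprint == context.Request.Certificate.Thumbprint))">
        <return-response>
            <set-status code="403" reason="Invalid client certificate" />
        </return-response>
    </when>
</choose>
```

With either variant, a request that arrives without a certificate is rejected by the `context.Request.Certificate == null` branch before any thumbprint comparison runs.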





Now let’s call the API with the client certificate using Postman.

Add the certificate

If you call the API without a certificate

If you call the API with the client certificate

Satheshwaran Manoharan