0
votes

My work is based on an Azure web site using client certificate authentication. It works with the old cert. I applied for a new cert and added it to the request, but when the request arrives at the Azure web role side, nothing can be retrieved from the request; my own code is not executed and 403 is returned directly.

I guess there is an issue with the cert? I installed the cert on the local machine, and it works well locally. I also installed it into Azure with the .pfx and password. No change happened.

Are there any other operations needed when installing a cert into Azure? Can anyone help me? Please.


1 Answer

0
votes

You need to share more details on what the exact error is. Start by figuring out what the sub-status code really is: whether it is 403.7, 403.13, or something else.

You can enable the logging for the site hosted on the web role and check what is the sub-status code (403.??).

Also, you mentioned that the client is an Azure Web Site, so I guess you can enable System.Net tracing to gather more details and share it here. Add the following to the client web app's web.config.

<configuration>
  <system.diagnostics>
    <trace autoflush="true" />
    <sources>
      <source name="System.Net">
        <listeners>
          <add name="System.Net"/>
        </listeners>
      </source>
      <source name="System.Net.Cache">
        <listeners>
          <add name="System.Net"/>
        </listeners>
      </source>
      <source name="System.Net.Http">
        <listeners>
          <add name="System.Net"/>
        </listeners>
      </source>
      <source name="System.Net.HttpListener">
        <listeners>
          <add name="System.Net"/>
        </listeners>
      </source>
      <source name="System.Net.Sockets">
        <listeners>
          <add name="System.Net"/>
        </listeners>
      </source>
      <source name="System.Net.WebSockets">
        <listeners>
          <add name="System.Net"/>
        </listeners>
      </source>
    </sources>
    <sharedListeners>
      <add name="System.Net" type="System.Diagnostics.TextWriterTraceListener" initializeData="D:\home\LogFiles\System.Net.trace.log" traceOutputOptions="ProcessId, DateTime" />
    </sharedListeners>
    <switches>
      <add name="System.Net" value="Verbose" />
      <add name="System.Net.Sockets" value="Verbose" />
      <add name="System.Net.Http" value="Verbose" />
      <add name="System.Net.Cache" value="Verbose" />
      <add name="System.Net.HttpListener" value="Verbose" />
      <add name="System.Net.WebSockets" value="Verbose" />
    </switches>
  </system.diagnostics>
</configuration>
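
Once logging is enabled on the web role, the sub-status the answer asks about is in the `sc-substatus` column of the IIS W3C log. The following is an added example, not part of the original answer: a small Python script that tallies 403 responses by sub-status and labels the client-certificate ones with Microsoft's documented meanings. The sample log lines are constructed, and the function names are illustrative.

```python
from collections import Counter

# IIS 403 sub-status codes related to client certificates (Microsoft's documented meanings).
CERT_SUBSTATUS = {
    7: "client certificate required",
    12: "mapper denied access",
    13: "client certificate revoked",
    16: "client certificate is untrusted or invalid",
    17: "client certificate has expired or is not yet valid",
}

# Constructed sample in W3C extended log format (not taken from the question).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 8.5
#Fields: date time cs-method cs-uri-stem sc-status sc-substatus
2024-01-01 10:00:00 GET /api/orders 200 0
2024-01-01 10:00:05 GET /api/orders 403 16
2024-01-01 10:00:09 GET /api/orders 403 16
2024-01-01 10:01:00 POST /api/orders 403 7
"""

def summarize_403(lines):
    """Count 403 responses per sub-status, using the #Fields directive to locate columns."""
    fields, counts = [], Counter()
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # the column layout can change mid-file
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        if row.get("sc-status") == "403" and row.get("sc-substatus", "").isdigit():
            counts[int(row["sc-substatus"])] += 1
    return counts

def describe(counts):
    """Render the counts as readable lines, for example '403.16 x2: ...'."""
    return [
        f"403.{sub} x{n}: {CERT_SUBSTATUS.get(sub, 'not a client-certificate sub-status')}"
        for sub, n in sorted(counts.items())
    ]

if __name__ == "__main__":
    print("\n".join(describe(summarize_403(SAMPLE_LOG.splitlines()))))
```

A result dominated by 403.16 points at the trust chain of the new certificate on the server side, while 403.7 means no certificate reached IIS at all.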