How to close the SSL connection after each request in Azure API Management

Question

I would like close the SSL connection after each request in Azure API Management (because of some weird firewall settings) between Azure API Management and the backend.

I have tried to Set HTTP header policy

<set-header name="Connection" exists-action="override">
  <value>close</value>
</set-header>

But on save, I receive the following error message

One or more fields contain incorrect values:

Error in element 'set-header' on line 30, column 10: Header name is invalid or restricted from modification.

According to Mozilla, the "Connection" HTTP header is a Forbidden header name

A forbidden header name is the name of any HTTP header that cannot be modified programmatically; specifically, an HTTP request header name (in contrast with a Forbidden response header name).

With Postman, I can set the "Connection" HTTP header and send my request.

How could I make Azure API Management to close SSL connection after each request?

Why use SSL ? I think you need to request the backend team to implement the TLS 1.2 encryption on their services — Mandar Dharmadhikari
Sorry, my bad. Of course I meant TLS 1.2. So this does not work over HTTP (using TLS 1.2) — Oliver Kocsis

Vitaliy Kurokhtin Vitaliy Kurokhtin · Accepted Answer · 2020-04-24T17:17:39

That is not possible. Backend connections in APIM are reused, so by the time you decide to close it it may already be used to send another request that came in parallel. There is a way to safely recycle backend connection, but it cannot be done on per request basis: https://docs.microsoft.com/en-us/rest/api/apimanagement/2019-12-01/backend/reconnect

Another approach would be to make your backend respond with HTTP 1.0. HTTP 1.0 implies non-persistent connections.

How to close the SSL connection after each request in Azure API Management

1 Answers