Incoming client certificates should be required to be 'On'

azure.appservice
이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Description

Client certificates allow for an app to request a certificate for incoming requests. Only clients that have a valid certificate can reach the app. The TLS mutual authentication technique in enterprise environments ensures the authenticity of clients to the server. If incoming client certificates are enabled, only an authenticated client who has valid certificates can access the app.

Remediation

From the console

  1. Log in to Azure Portal using https://portal.azure.com.
  2. Go to App Services.
  3. Click on each App.
  4. Under Settings section, Click on Configuration.
  5. Under Incoming client certificates, set the Client Certificate Mode option to Require.