You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently there is no support for client certificate - App Service will supply certificate but there's no code in place to validate that it is valid. This kicks in KICS analysis warning saying that:
Website with Client Certificate Auth Disabled, Severity: HIGH
Obviously said certificate can be enabled but it won't do anything at the moment.
It would be nice to add certificate validation for this reason.
The text was updated successfully, but these errors were encountered:
https://stackoverflow.com/questions/64309694/how-to-decode-x-arr-clientcert-header-using-python?noredirect=1#comment113737180_64309694
Currently there is no support for client certificate - App Service will supply certificate but there's no code in place to validate that it is valid. This kicks in KICS analysis warning saying that:
Obviously said certificate can be enabled but it won't do anything at the moment.
It would be nice to add certificate validation for this reason.
The text was updated successfully, but these errors were encountered: