Azure API Management - Policy fails during certificate validation

Question

We have added a policy in APIM for client certificate validation, which was working fine. But recently it started failing with error  

“Invalid client certificate”

We noticed that if we remove context.Request.Certificate.Verify()  it starts working again! 

What might be the cause?

Answer 1

"Invalid client certificate" in Azure API Management?

The Invalid client certificate is the request result for 403 Forbidden status code that raised

• After Timing out happened due to handling a large PUT/POST Request (Content length > 60KB )
• context.Request.Certificate is null.

How to solve the "Invalid client certificate" issue?

To overcome this issue, try to do the following:

• On the "Custom domains", check the "Negotiate client certificate".

Note: To disable checking certificate revocation list use context.Request.Certificate.VerifyNoRevocation() instead of context.Request.Certificate.Verify().

For more details, Please check

• How to secure APIs using client certificate authentication in API Management
• How to secure back-end services using client certificate authentication in Azure API Management
• HTTPS Client Certificate Request freezes when the Server is handling a large PUT/POST Request