News/Tech News

Azure Application Gateway Now Supports mTLS and OCSP

Published on march 1, 2023

With the release of its Azure Application Gateway, Microsoft has announced that it now supports mutual Transport Layer Security (mTLS) and Online Certificate Status Protocol (OCSP).

mTLS ensures that both the server and client authenticate each other before establishing a secure connection. Additionally, OCSP checks the status of digital certificates in real time, reducing the risk of cyber attacks. The implementation of mTLS and OCSP in Azure Application Gateway enhances security, improves compliance, and reduces the risk of cyberattacks.

It provides an additional layer of security, ensuring that the authenticity of both the client and server is verified, making it more secure than TLS.

The Application Gateway supports certificates issued by both public and private certificate authorities. In addition, it supports TLS termination at the gateway, which improves performance and reduces the load on the backend servers.

OCSP support in the application gateway enables users to send a client certificate to the backend application server for auditing purposes or for providing tokens or cookies to a client certificate. Users can accomplish this by setting up a rewrite rule that sends the client certificate as an HTTPS header.

Furthermore, OCSP support allows users to verify the status of the client certificate in real time. By ensuring that the current certificate is valid and has not been compromised, this can prevent man-in-the-middle attacks.

Customers must configure their backend servers with certificates signed by trusted authorities in order to enable mTLS and OCSP on Application Gateway. Additionally, they must upload their root or intermediate CA certificates to Application Gateway.

Specifically, Microsoft recommends mTLS:

When communicating between Internet of Things (IoT) devices, each device presents its certificate for authentication.

Making API communication between microservices more secure and preventing malicious APIs from communicating with them.

Defending against attacks such as brute force or credential stuffing.

Through the SSL settings tab in the portal, users can configure mTLS after provisioning an Azure Application Gateway or configuring an existing one. Alternatively, they may use PowerShell.

Lastly, more information on Azure Application Gateway can be found in the documentation pages and FAQs.

Tech News

Windows Forms Binding Improvements in .NET 7 for MVVM Support img

Windows Forms Binding Improvements in .NET 7 for MVVM Support

Command binding preview features are included in the .NET 7 framework in order to modernize Windows Forms applications…

MicroStream becomes a member of the Eclipse Foundation img

MicroStream becomes a member of the Eclipse Foundation

A Java object-graph persistence framework, MicroStream, has announced its participation in the Eclipse…

Our Latest Blog

Mastering Full Stack Python Development with Django A Comprehensive Guide

Mastering Full Stack Python Development with Django: A Comprehensive Guide

Python is a powerful programming language that has taken the world of web development by...
Read More
Mastering Machine Learning A Beginner's Guide to Python

Mastering Machine Learning: A Beginner’s Guide to Python

Welcome to the world of machine learning! With the ever-increasing demand for artificial intelligence and...
Read More
Unlocking the Power of Data Science with Python A Beginner's Guide

Unlocking the Power of Data Science with Python: A Beginner’s Guide

Data science has become an essential part of many industries today, and Python has become...
Read More

Follow Us


Browse LSET presentations to understand interesting…

Explore Now

Get complete guides to empower yourself academically…

Explore Now

Learn about information technology and business…

Explore Now