App Service mutual TLS is disabled Affecting App Service (Web Apps) service in Azure

Snyk CCSS

IAM / Authentication

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Frameworks

CIS-Azure CIS-Controls CSA-CCM SOC-2

Snyk ID SNYK-CC-00491
credit Snyk Research Team

Report a new misconfiguration Found a mistake?

Description

Client certificates allow for the app to request a certificate for incoming requests. Only clients that have a valid certificate will be able to reach the app.

How to fix?

Set properties.clientCertEnabled attribute to true.

Terraform

Resource: azurerm_app_service

References

Configure TLS mutual authentication for Azure App Service

App Service mutual TLS is disabled Affecting App Service (Web Apps) service in Azure

Severity

Description

How to fix?

Terraform

References