Is there a way of achieving SSL pinning with Azure Application Gateway. I have some APIs deployed on AKS exposed through APIM. The APIM is private and the APIs are publicly exposed through Application Gateway. Is there a way of achieving SSL pinning in my custom android app in this scenario?
SSL pinning with Azure App gateway + APIM
571 views Asked by Vaibhav Singla At
1
There are 1 answers
Related Questions in AZURE
- Why does Azure Auto-Scale scale go lower then minimum amount of instances?
- Data execution plan ended with error on DB restore
- Why does Azure CloudConfigurationManager.GetSetting return null
- Do I need other roles than Worker Role for a web site and service layer in Azure?
- Azure Web App PATH Variable Modification
- Azure Data Factory: LinkedService for AzureSql in failed state
- How To Update a Web Application In Azure and Keep The App Up the whole time
- Using Azure MobileServices library with my own LAN WebApi
- ionCube loader error on Azure IIS
- App crash (if closed) after click on notification
- How to get sql data bases instances in azure using java api
- I want to create file in azure share using python PUT requests but getting error signature not correct including headers
- Enabling OPTIONS method on Azure Cloud Service (to enable CORS)
- Redirecting subdomain to directory on Azure
- Kaltura account settings error
Related Questions in AZURE-API-MANAGEMENT
- Enabling OPTIONS method on Azure Cloud Service (to enable CORS)
- Can I run SignalR hub through Azure API Management?
- azure-api-management Create Operation using Powershell
- Api Management : can you groupe the operation by controller?
- Can we expose api management endpoints in azure without the opim-subscription keys?
- Change colour of blue panel on Azure API Management Developer Portal
- How to create an array in a for loop in Liquid?
- Certificate missing when Azure API Manager calls Azure APP Service
- Unable to access newly api service from developer portal in Azure api management
- Managing multiple REST APIs in Azure API Management
- Azure API Management Scalability
- Azure APIM and Hybrid Connections
- Customizing the Azure API Management developer portal
- Check whether or not a query parameter is set
- HSM Support in Azure API management
Related Questions in AZURE-APPLICATION-GATEWAY
- What is the Azure Resource Manager equivalent of VIP Swap?
- SSL certificate for Azure Application Gateway for SSL offload
- Use Service Fabric Reverse Proxy with Azure Application Gateway
- Multiple App services to use the same domain name
- Azure Application Gateway locked down route to app service
- Application Gateway - 502 error
- path based routing for azure appservice web apps
- azure application gateway 502 errors with service fabric
- How can I add support for IPv6 to and Azure application Gateway knowing that it does not support it
- Azure kubernetes - How to set up Azure App gateway and Azure API management for Azure kubernetes?
- Azure Application gateway - is there any reason to keep Azure firewall BEHIND?
- Azure API management - internal and accessible only by Azure application gateway?
- Azure Application Gateway private ip dns resolution
- ASP.NET Core app with Azure AD authentication behind a reverse proxy is setting the wrong redirect_uri
- Retrieve/recover cert pfx from Azure Application Gateway
Related Questions in SSLPINNING
- Certificate Pinning not working when trust user certificates in network security configuration
- how to use SSL pining in every Api request using http plugin fllutter
- Unable to connect to the frida server: need Gadget to attach on jailed Android
- Why is ssl pinning not working on synchronous requests?
- Implementing SSL Pinning with Flutter GraphQL
- frida.TimedOutError: unexpectedly timed out while initializing suspended process
- didReceiveAuthenticationChallenge called multiple times
- TypeError: Cannot read properties of undefined (reading 'fetch') [react-native-ssl-pinning]
- java.io.IOException: stream does not represent a PKCS12 key store
- Null address in Sslpinning bypass of flutter app by using frida
- iOS TLS/SSL Pinning using NSRequiresCertificateTransparency key in Info.plist
- ssl-pinning right approach for android and IOS application
- SSL pinning with Azure App gateway + APIM
- React native with self signed certificates on M1 chip MacOS
- Protect Firebase callable functions from man in the middle
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Application Gateway supports TLS termination at the gateway, after which traffic typically flows unencrypted to the backend servers.
1.Transport Layer Security (TLS), previously known as Secure Sockets Layer (SSL), is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and encrypted. Application gateway supports both TLS termination at the gateway as well as end to end TLS encryption.
2.End-to-end TLS allows you to encrypt and securely transmit sensitive data to the backend while you use Application Gateway's Layer-7 load-balancing features. These features include cookie-based session affinity, URL-based routing, support for routing based on sites, the ability to rewrite or inject X-Forwarded-* headers, and so on.
3.When configured with end-to-end TLS communication mode, Application Gateway terminates the TLS sessions at the gateway and decrypts user traffic. It then applies the configured rules to select an appropriate backend pool instance to route traffic to. Application Gateway then initiates a new TLS connection to the backend server and re-encrypts data using the backend server's public key certificate before transmitting the request to the backend. Any response from the web server goes through the same process back to the end user
Reference: https://learn.microsoft.com/en-us/azure/application-gateway/end-to-end-ssl-portal