我一直在解决我的应用程序网关和后面的 Azure Web 应用程序上的一个非常奇怪的问题。
一个月前,我用一个 Web 应用程序设置了我的应用程序网关,一切似乎都运行良好,正确传递了我需要的标头。但是现在我在获取标头“X-ARR-ClientCert”时遇到了问题,该标头应该(并且曾经)存在于每个成功通过身份验证的请求中。请求中不再存在标头...
应用程序网关正在接收 HTTPS 并以 HTTP 将其路由到我的 Web 应用程序。侦听器配置为使用我的 SSL 配置文件,作为我拥有的访问日志的示例:
{ "timeStamp": "2021-09-13T13:42:53+00:00", "resourceId": "/SUBSCRIPTIONS/D33C8661-DE39-4265-8526-6C2B32160154/RESOURCEGROUPS/MHS-AG/PROVIDERS/MICROSOFT.NETWORK/APPLICATIONGATEWAYS/MHS-AG", "listenerName": "gw-dev", "ruleName": "gw-dev", "backendPoolName": "dev", "backendSettingName": "http-dev", "operationName": "ApplicationGatewayAccess", "category": "ApplicationGatewayAccessLog", "properties": {"instanceId":"appgw_0","clientIP":"77.205.111.223","clientPort":57595,"httpMethod":"GET","originalRequestUriWithArgs":"\/v1\/transactions\/?acq_to_dl=0&implant_mac=99:99:99:99:90:50&timezone=8","requestUri":"\/v1\/transactions\/","requestQuery":"acq_to_dl=0&implant_mac=99:99:99:99:90:50&timezone=8","userAgent":"Python\/3.8 aiohttp\/3.7.4.post0","httpStatus":403,"httpVersion":"HTTP\/1.1","receivedBytes":1506,"sentBytes":542,"timeTaken":0.915,"transactionId":"ba23f8606b2718e7d132a27e6bf0df2a","sslEnabled":"on","sslCipher":"ECDHE-RSA-AES256-GCM-SHA384","sslProtocol":"TLSv1.2","sslClientVerify":"SUCCESS","sslClientCertificateFingerprint":"d35719cfe802e02b90b3fa2f48d2f96c605f774c","sslClientCertificateIssuerName":"DC=https:\/\/bridge-dev.snhtest.online,O=Sentinhealth,L=Grenoble,ST=Is\\\\C3\\\\A8re,C=FR","serverRouted":"40.89.141.103:80","serverStatus":"403","serverResponseLatency":"0.916","originalHost":"bridge-dev.snhtest.online","host":"bridge-dev.snhtest.online"}}
所以看起来验证是成功的,但我没有收到带有证书的标题。
是否有关于成功验证应用程序网关创建的标头的任何文档?
最后有什么变化吗?
谢谢你的帮助 !