Solved: Configuring the response in case of missing mutual...

Report Inappropriate Content · 09-03-2018 08:39 AM

Hi,

In one of my proxies I've got a mutual TSL set up and it works properly. The only thing that I can't find in the documentation is if it's possible to set a format of response in case in which a TLS client certificate is not given at all when calling the endpoint.

This is the 400 error response that I receive from the endpoint currently:

<html>
<head><title>400 No required SSL certificate was sent</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>No required SSL certificate was sent</center>
<hr><center>nginx</center>
</body>
</html>

What I would like to get instead is the JSON object with error details so that I can be consistent with the rest of error responses that are returned from this endpoint.

Is it possible to set it up in Apigee?

Thanks

dchiesa1

No, as far as I know, it is not possible.

The request never reaches the MP, which is where your policies would have an effect.

The client in this case will have to handle the 400 status code with whatever payload is sent.

Fortunately this is not likely to be a runtime error; it's an error that would result from incorrect configuration on the client, which means it would occur only during development.

View solution in original post

dchiesa1

No, as far as I know, it is not possible.

The request never reaches the MP, which is where your policies would have an effect.

The client in this case will have to handle the 400 status code with whatever payload is sent.

Fortunately this is not likely to be a runtime error; it's an error that would result from incorrect configuration on the client, which means it would occur only during development.

Configuring the response in case of missing mutual-TLS client certificate