| Plugin Title | Client Certificates Enabled |
| Cloud | AZURE |
| Category | App Service |
| Description | Ensures Client Certificates are enabled for App Services, only allowing clients with valid certificates to reach the app |
| More Info | Enabling Client Certificates will block all clients that do not have a valid certificate from accessing the app. |
| AZURE Link | https://docs.microsoft.com/en-us/azure/app-service/app-service-web-configure-tls-mutual-auth#enable-client-certificates |
| Recommended Action | Enable incoming client certificate SSL setting for all App Services. |
- Log into the Microsoft Azure Management Console.
- Select the "Search resources, services, and docs" option at the top and search for App Services.
- Select the "App Services" by clicking on the "Name" link to access the configuration changes.
- Scroll down the selected "App Services" navigation panel and in "Settings" click on the "TLS/SSL settings" option.</br
- On the "TLS/SSL settings" page check if "Incoming client certificates" is "ON/OFF". If it's turned "OFF" then it will not block all clients who do not have a valid certificate from accessing the app.
- Repeat steps number 2 - 5 to verify other "Apps" SSL settings in the account.
- Navigate to the "App Services", select the "App Service" and click on the "Name" as a link to access the configuration, select the "TLS/SSL settings" under "Settings."
- On the "Protocol Settings" page click on the "ON" option next to "Incoming client certificates" which only allows clients with valid certificates to reach the app.
- Repeat above steps to ensures "Client Certificates" are enabled for "App Services", only allowing clients with valid certificates to reach the app.
