Authentication

WebApp Client Certification not required

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

TLS mutual authentication technique in enterprise environments ensures the authenticity of clients to the server.
  • Recommended Mitigation

    Under App Settings, Click on 'Configuration', set 'Client Certificate mode' to 'Require' (located under 'Incoming client certificates')