Merge pull request #217627 from JackStromberg/patch-89

prmerger-automator[bot] · web-flow · commit 59ffb1c3c9ff · 2022-11-08T22:52:08.000Z
Max client CA certificate size
diff --git a/articles/application-gateway/mutual-authentication-overview.md b/articles/application-gateway/mutual-authentication-overview.md
@@ -20,7 +20,7 @@ Mutual authentication, or client authentication, allows for the Application Gate
 
 Application Gateway supports certificate-based mutual authentication where you can upload a trusted client CA certificate(s) to the Application Gateway, and the gateway will use that certificate to authenticate the client sending a request to the gateway. With the rise in IoT use cases and increased security requirements across industries, mutual authentication provides a way for you to manage and control which clients can talk to your Application Gateway. 
 
-To configure mutual authentication, a trusted client CA certificate is required to be uploaded as part of the client authentication portion of an SSL profile. The SSL profile will then need to be associated to a listener in order to complete configuration of mutual authentication. There must always be a root CA certificate in the client certificate that you upload. You can upload a certificate chain as well, but the chain must include a root CA certificate in addition to as many intermediate CA certificates as you'd like. 
+To configure mutual authentication, a trusted client CA certificate is required to be uploaded as part of the client authentication portion of an SSL profile. The SSL profile will then need to be associated to a listener in order to complete configuration of mutual authentication. There must always be a root CA certificate in the client certificate that you upload. You can upload a certificate chain as well, but the chain must include a root CA certificate in addition to as many intermediate CA certificates as you'd like. The maximum size of each uploaded file must be 25 KB or less.
 
 For example, if your client certificate contains a root CA certificate, multiple intermediate CA certificates, and a leaf certificate, make sure that the root CA certificate and all the intermediate CA certificates are uploaded onto Application Gateway in one file. For more information on how to extract a trusted client CA certificate, see [how to extract trusted client CA certificates](./mutual-authentication-certificate-management.md).
 
diff --git a/includes/application-gateway-limits.md b/includes/application-gateway-limits.md
@@ -18,6 +18,7 @@ ms.author: greglin
 | Instances per gateway |V1 SKU - 32<br>V2 SKU - 125 | |
 | SSL certificates |100<sup>1</sup> |1 per HTTP listener |
 | Maximum SSL certificate size |V1 SKU - 10 KB<br>V2 SKU - 16 KB| |
+| Maximum trusted client CA certificate size | 25 KB| 25 KB is the maximum aggregated size of root and intermediate certificates contained in an uploaded pem or cer file. |
 | Authentication certificates |100 | |
 | Trusted root certificates |100 | |
 | Request timeout minimum |1 second | |
