Merge pull request #112263 from ecfan/ssl-http

PRMerger14 · web-flow · commit 7f2304e74305 · 2020-04-21T20:30:52.000-07:00
Add info that intermediate TLS/SSL certificates aren't supported
diff --git a/articles/connectors/connectors-native-http.md b/articles/connectors/connectors-native-http.md
@@ -3,7 +3,7 @@ title: Call service endpoints by using HTTP or HTTPS
 description: Send outbound HTTP or HTTPS requests to service endpoints from Azure Logic Apps
 services: logic-apps
 ms.suite: integration
-ms.reviewer: klam, logicappspm
+ms.reviewer: jonfan, logicappspm
 ms.topic: conceptual
 ms.date: 03/12/2020
 tags: connectors
@@ -18,6 +18,8 @@ With [Azure Logic Apps](../logic-apps/logic-apps-overview.md) and the built-in H
 > versions 1.0, 1.1, and 1.2. Logic Apps negotiates with the endpoint over using the highest supported 
 > version possible. So for example, if the endpoint supports 1.2, the connector uses 1.2 first. 
 > Otherwise, the connector uses the next highest supported version.
+>
+> The HTTP connector doesn't support intermediate TLS/SSL certificates for authentication.
 
 To check or *poll* an endpoint on a recurring schedule, [add the HTTP trigger](#http-trigger) as the first step in your workflow. Each time that the trigger checks the endpoint, the trigger calls or sends a *request* to the endpoint. The endpoint's response determines whether your logic app's workflow runs. The trigger passes any content from the endpoint's response to the actions in your logic app.
 
diff --git a/articles/logic-apps/logic-apps-securing-a-logic-app.md b/articles/logic-apps/logic-apps-securing-a-logic-app.md
@@ -659,7 +659,7 @@ If the [Client Certificate](../active-directory/authentication/active-directory-
 
 | Property (designer) | Property (JSON) | Required | Value | Description |
 |---------------------|-----------------|----------|-------|-------------|
-| **Authentication** | `type` | Yes | **Client Certificate** <br>or <br>`ClientCertificate` | The authentication type to use for TLS/SSL client certificates. While self-signed certificates are supported, self-signed certificates for TLS/SSL aren't supported. |
+| **Authentication** | `type` | Yes | **Client Certificate** <br>or <br>`ClientCertificate` | The authentication type to use for TLS/SSL client certificates <p><p>**Note**: While self-signed certificates are supported, self-signed certificates for TLS/SSL aren't supported. The HTTP connector doesn't support intermediate TLS/SSL certificates. |
 | **Pfx** | `pfx` | Yes | <*encoded-pfx-file-content*> | The base64-encoded content from a Personal Information Exchange (PFX) file <p><p>To convert the PFX file into base64-encoded format, you can use PowerShell by following these steps: <p>1. Save the certificate content into a variable: <p>   `$pfx_cert = get-content 'c:\certificate.pfx' -Encoding Byte` <p>2. Convert the certificate content by using the `ToBase64String()` function and save that content to a text file: <p>   `[System.Convert]::ToBase64String($pfx_cert) | Out-File 'pfx-encoded-bytes.txt'` |
 | **Password** | `password`| No | <*password-for-pfx-file*> | The password for accessing the PFX file |
 |||||
