stackoom
  简体   繁体   中英

Trusted root certificate on azure app services

 原文  2021-10-22 17:33:26       asp.net-mvc/ azure

Question

I have an asp.net mvc app that needs to access a backend api and several services that is using self signed certs . Have no control over forcing client to use proper certs.

On my development environment, i am installing the self signed certs on Trusted Root Certificates to have it work.

However, I am facing SSL certification error when connecting to those services after publishing the asp.net mvc app to azure app services but I am unable to find a way to overcome this.

Is there any way that I can overcome this challenge like installing self sign cert on azure app services? I would not like to ignore ssl error in code level if possible as this would require changes on multiple part in code.

Limitation :

  1. Production Backend API and other services provided by client is using self signed cert
  2. The asp.net mvc app must be hosted on azure app services provided by client

1 answers

solution1
 1  2021-11-02 02:11:09

Answering based on your requirements that you only need to connect to a private endpoint that has a private cert (your app service can have a public endpoint).

Try to follow the guide outlined here to first upload the private certificate chain: https://docs.microsoft.com/en-us/azure/app-service/configure-ssl-certificate#upload-a-private-certificate (make sure to include the whole chain).

Once you upload the private cert, follow this guide to access it from your code: https://docs.microsoft.com/en-us/azure/app-service/configure-ssl-certificate-in-code

From there you should be able to use the certificate as needed within your code.

solution2
 0  2021-10-25 12:34:30

Go to Azure Portal--> Your Application --> "Custom Domains" and check if the custom domain is added or not. If not added, please follow the below procedure to add custom domain :

  1. please click on "+ Add Custom Domain"
  2. enter the domain and click on validate.
  3. Add CNAME and TXT records in your DNS domain to verify domain ownership.
  4. Click on "Add Custom Domain"

After adding the custom domain, the custom domain is still unsecure. You need to add the SSL certificate.

To add SSL certificate, please follow below procedure :

  1. Go to TLS / SSL settings and click on "+ Add TLS / SSL Binding"
  2. Select your custom domain and import the .pfx or public certificate for you domain and click Add.
  3. Go to Custom Domains section and click on "Add binding".
  4. Select the certificate of your domain and TLS/SSL type as SNI.
  5. Click on "Add binding"

Now, you can access API using your custom domain which is secured.

Please refer TLS/SSL certificate

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Custom Logging Configuration in Azure App Services How to publish (deploy) .lic file to the root of an Azure Web App Service? Azure App Services - Manage scaling from within the application HTTPS SSL Connection not trusted, despite certificate being fine MVC webapp with Azure AD authentication works fine in local but not when porting to Azure app services Complete guide on how to use Migrations with several Azure SQL databases, connectionstrings and Azure App Services publish profiles Deploying MVC app to Azure App Services Error - subscription is not registered for the resource type How do I split an Azure Web App Service into multiple 'sub web app services'? Override MachineKey on Microsoft Azure App Services across multiple App Service Plan VSPerf and Azure Cloud Services
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM