Shevek

Reputation: 4063

Azure Web App calling on-prem service with Self-Signed SSL Cert

We have an Azure web app which needs to call an internal web service via a VPN.

We have configured everything but because the web service on our non-production internal servers uses a self-signed certificate, the call is failing:

The remote certificate is invalid according to the validation procedure.

Locally we can import the .cer into Trusted People.

How can this be achieved on Azure?

Upvotes: 2

Views: 2903

Answers (1)

Fabrizio Accatino

Reputation: 2292

You cannot import a .cer file to Azure Web App servers. If you can modify your code, you may implement a workaround by creating your own certificate validation. An example:

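    // Requires: using System.Net; using System.Net.Security;
    //           using System.Security.Cryptography.X509Certificates;
    ServicePointManager.ServerCertificateValidationCallback += (
        object sender,
        X509Certificate certificate,
        X509Chain chain,
        SslPolicyErrors sslPolicyErrors) =>
    {
        if (sslPolicyErrors == SslPolicyErrors.None)
        {
            // The platform already trusts this certificate.
            return true;
        }
        else
        {
            // Otherwise accept only the certificate shipped with the app.
            var myGoodCert = X509Certificate.CreateFromCertFile(Server.MapPath("~/path/to/mycert.cer"));
            return myGoodCert.Equals(certificate);  // compares issuer and serial number
        }
    };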

Remember to deploy the .cer file with your web app files or place it somewhere accessible from your web app (Azure Blob Storage, blob on SQL, etc.).

Upvotes: 2
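As the comment in the answer's code notes, `X509Certificate.Equals` compares only issuer and serial number, so a different certificate carrying the same two fields would also match. The following added example (not part of the original answer) pins the full certificate by the SHA-256 hash of its encoded bytes and fails closed; the class name `PinnedCertValidator`, the `Install` method and the `certPath` parameter are hypothetical.

```csharp
using System;
using System.Linq;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Added example: pins the exact self-signed certificate by SHA-256 of its DER bytes.
public static class PinnedCertValidator
{
    private static byte[] _pinnedHash;   // hash of the deployed .cer, computed once

    // certPath is an assumption: wherever the .cer was deployed with the app.
    public static void Install(string certPath)
    {
        var pinned = new X509Certificate2(certPath);
        _pinnedHash = Sha256(pinned.GetRawCertData());
        // Assign rather than += so repeated start-up calls do not stack callbacks.
        // Note that this replaces any callback the app registered earlier.
        ServicePointManager.ServerCertificateValidationCallback = Validate;
    }

    public static bool Validate(object sender, X509Certificate certificate,
                                X509Chain chain, SslPolicyErrors errors)
    {
        if (errors == SslPolicyErrors.None)
            return true;                  // certificate is trusted by the platform
        if (certificate == null || _pinnedHash == null)
            return false;                 // nothing to compare against: fail closed
        // Accept only a byte-for-byte match with the pinned certificate.
        return Sha256(certificate.GetRawCertData()).SequenceEqual(_pinnedHash);
    }

    private static byte[] Sha256(byte[] data)
    {
        using (var sha = SHA256.Create())
            return sha.ComputeHash(data);
    }
}
```

Call `PinnedCertValidator.Install(Server.MapPath("~/path/to/mycert.cer"))` once at application start-up, for example from `Application_Start`. The callback is process-wide, so it applies to every outbound TLS connection the app makes through `ServicePointManager`.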
