CODEWITHSUNDEEP
azure-service-fabric
nama neemi
nama neemi

Reputation: 11

Cannot connect to service fabric secure cluster

I created new secure service fabric cluster on azure with cluster and admin client certificates in keyvault on azure. I installed the admin client certificate for current user and local machine stores but whenever I try to connect that cluster or explore it in browser its gave access denied error. I am also trying to connect from visual studio but it failed. In visual studio following is connection parameters: 

  <ClusterConnectionParameters ConnectionEndpoint="my.end.point.com:19000"  
                           X509Credential="true"
                           ServerCertThumbprint="ClusterCertificateThumbPrint"
                           FindType="FindByThumbprint"
                           FindValue="AdminClientCertificateThumbPrint"
                           StoreLocation="CurrentUser"
                           StoreName="My" />

What I am doing wrong?

Upvotes: 1

Views: 1160

Answers (1)

JavaadPatel
JavaadPatel

Reputation: 97

I experienced something similar, my issue was that I had the wrong servercertthumbprint. I created my service fabric cluster as part of the visual studio publish step and in that case the configuration looked like this:

  <ClusterConnectionParameters ConnectionEndpoint="myservicefabricname:19000" 
                               X509Credential="true"
                               ServerCertThumbprint="certicateThumbprint"
                               FindType="FindByThumbprint"
                               FindValue="certicateThumbprint"
                               StoreLocation="LocalMachine"
                               StoreName="My" />

The thumbprint used for the local certificate and the service fabric one has the same certificate thumbprint.

Additionally, it seems that even though I added the ClusterConnectionParameters in the xml config, when I went "Publish" and expanded "Advanced Parameters" I had to manually enter the values. enter image description here

In case you don't know how to find the thumbprint you can follow this tutorial: https://learn.microsoft.com/en-us/dotnet/framework/wcf/feature-details/how-to-retrieve-the-thumbprint-of-a-certificate

Upvotes: 0

Related Questions