Reputation: 1138
How to correctly specify a common name for Service Fabric certificate
Microsoft docs say to use something like clustername.eastus.cloudapp.azure.com, but what about custom DNS for the cluster?
Will the certificate properly validate or should the custom DNS (i.e. clustername.domain.com) be used?
Upvotes: 2
Views: 1025
Answers (1)
Reputation: 11341
The dns provided by the docs is just an example, I don't think you will be able to register a certificate against a domain you don't own like .azure.com.
In this case, you will register a certificate against a domain you own, and you either:
- Register a CNAME record on your damain to redirect to the cluster domain
clustername.eastus.cloudapp.azure.comor - Configure the DNS A Record to point to you cluster Load Balancer IP
In the demo, the Commom Name is just used to identify the certificate installed in the node(vm) certificate store.
The following links describes the use of certificates in more details:
https://learn.microsoft.com/en-us/azure/service-fabric/service-fabric-cluster-creation-via-portal
https://learn.microsoft.com/en-us/azure/service-fabric/service-fabric-windows-cluster-x509-security
Upvotes: 2
Related Questions
- Manage Subject Alternative Name for App Service Certificate
- Service Fabric : Failed to configure certificate permissions - FABRIC_E_CERTIFICATE_NOT_FOUND
- How to Get Visual Studio to Publish an Application to Service Fabric Cluster Secured by Certificate Common Name Instead of Thumbprint?
- Load SSL Certificate in Azure Service Fabric for Custom TCP service
- How do I set a valid ServiceDnsName in my docker-compose file when deploying to Service Fabric?
- Service fabric client encryption
- How to bind custom SSL certificate to Service Fabric cluster management endpoint?
- Service Fabric, which certificate do I use where?
- Using App Service Certificate with Service Fabric
- Deploying SSL certificate to Azure service fabric cluster