Reputation: 885
How to resolve OnPrem REST API - DNS Name from Azure API
Environment- Established the connection between Azure App Service and OnPrem Network and vrified the connection.
Requirement - There is API hosted in OnPrem and with DNS name and HTTPS enabled (https://test.com/GetData)
But OnPrem API cannot be accessible from Azure API using DNS name and getting error like Hostname cannot be found.
But When I mention the Onprem API IP address (https://12.34.34.3/GetData), it seems communication established but ssl error - The SSL connection could not be established.
What would be the best solution here.
Regards
Abdul
Upvotes: 0
Views: 290
Answers (2)
Reputation: 885
When an app hosted on Azure App Service and tries to connect to a remote endpoint over SSL, it is important that the certificate on the remote endpoint service is issued by a Trusted Root CA. If the certificate on the remote service is a self-signed certificate or a private CA certificate, it will not be trusted by the instance hosting your app and the SSL handshake will fail with this error.
Possible solutions are:
1: Remote endpoint service must use a certificate issued by Trusted Root CA.
2: Host the application on App Service Environment (ASE) where you can upload your internal CA root certificate and use WEBSITE_LOAD_ROOT_CERTIFICATES appsetting to load it into Trusted Root store.
Upvotes: 0
Reputation: 1743
Reason for "Hostname not found error" is the custom domain is not mapped to the Azure App service properly. Please go to "Custom Domains" and check if the custom domain is added or not. If not added, please follow the below procedure to add custom domain :
- please click on "+ Add Custom Domain"
- enter the domain and click on validate.
- Add CNAME and TXT records in your DNS domain to verify domain ownership.
- Click on "Add Custom Domain"
After adding the custom domain, the custom domain is still unsecure. You need to add the SSL certificate.
To add SSL certificate, please follow below procedure :
- Go to TLS / SSL settings and click on "+ Add TLS / SSL Binding"
- Select your custom domain and import the .pfx or public certificate for you domain and click Add.
- Go to Custom Domains section and click on "Add binding".
- Select the certificate of your domain and TLS/SSL type as SNI.
- Click on "Add binding"
Now, you can access API using your custom domain which is secured.
Upvotes: 1
Related Questions
- Aure app Service with custom domain DNS configuration
- Azure App Service returns 404 for GET / request
- Add a default DNS domain name to azure Web app
- How to get DNS Name in azure Virtual Machines - List All api?
- Azure App Service internal DNS resolution
- Azure Web App custom domain and domain resolution
- Azure App Service Custom Hostnames
- Add custom domain names to web apps using REST API
- Azure custom domain name
- How to get DNS name from REST service which is consumed by startuptask of Azure webrole