Azure
帶有 Web APPS 的 Azure SSL 應用程序網關
我正在為託管在 Web 應用程序上的 Web 應用程序設置 Azure 應用程序網關 Web 應用程序防火牆,一切都在 SSL 後面。
當一切都不是 SSL 時,我可以使用這篇文章 https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-web-app-powershell
但是,當我嘗試將其更改為 SSL 並上傳 CER 文件時,我無法讓它顯示 Heathly。我將所有對 https 的引用都更改了,一切看起來都正確,但我仍然卡住了
我也試過這篇文章https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-end-to-end-ssl-powershell 沒有運氣
關於我所缺少的任何想法,需要這個才能工作,然後我才能使用解決方案進行 HA
謝謝亞歷克斯
這是 MS Support 與我合作完成這項工作的腳本
# FQDN of the web app $webappFQDN = "XXX.XXXXX.com" # Retrieve an existing application gateway $gw = Get-AzureRmApplicationGateway -Name "XXXX" -ResourceGroupName "XXXX" # Define the status codes to match for the probe $match=New-AzureRmApplicationGatewayProbeHealthResponseMatch -StatusCode 200-399 # Add a new probe to the application gateway Add-AzureRmApplicationGatewayProbeConfig -name webappprobe-1 -ApplicationGateway $gw -Protocol Https -Path / -Interval 30 -Timeout 120 -UnhealthyThreshold 3 -PickHostNameFromBackendHttpSettings -Match $match # Retrieve the newly added probe $probe = Get-AzureRmApplicationGatewayProbeConfig -name webappprobe-1 -ApplicationGateway $gw # Configure an existing backend http settings Set-AzureRmApplicationGatewayBackendHttpSettings -Name appGatewayBackendHttpSettings -ApplicationGateway $gw -PickHostNameFromBackendAddress -Port 443 -Protocol https -CookieBasedAffinity Disabled -RequestTimeout 30 -Probe $probe Exclude these 2 lines #$authcert = New-AzureRmApplicationGatewayAuthenticationCertificate -Name whitelistcert1 -CertificateFile C:\XXXX\XXXX.cer #Set-AzureRmApplicationGatewayBackendHttpSettings -Name appGatewayBackendHttpSettings -ApplicationGateway $gw -PickHostNameFromBackendAddress -Port 443 -Protocol Https -CookieBasedAffinity Enabled -AuthenticationCertificates $authcert # Add the web app to the backend pool Set-AzureRmApplicationGatewayBackendAddressPool -Name appGatewayBackendPool -ApplicationGateway $gw -BackendFqdns $webappFQDN # Update the application gateway Set-AzureRmApplicationGateway -ApplicationGateway $gw