Azure

帶有 Web APPS 的 Azure SSL 應用程序網關

  • July 3, 2018

我正在為託管在 Web 應用程序上的 Web 應用程序設置 Azure 應用程序網關 Web 應用程序防火牆,一切都在 SSL 後面。

當一切都不是 SSL 時,我可以使用這篇文章 https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-web-app-powershell

但是,當我嘗試將其更改為 SSL 並上傳 CER 文件時,我無法讓它顯示 Heathly。我將所有對 https 的引用都更改了,一切看起來都正確,但我仍然卡住了

我也試過這篇文章https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-end-to-end-ssl-powershell 沒有運氣

關於我所缺少的任何想法,需要這個才能工作,然後我才能使用解決方案進行 HA

謝謝亞歷克斯

這是 MS Support 與我合作完成這項工作的腳本

# FQDN of the web app
$webappFQDN = "XXX.XXXXX.com"  

# Retrieve an existing application gateway
$gw = Get-AzureRmApplicationGateway -Name "XXXX" -ResourceGroupName "XXXX"

# Define the status codes to match for the probe
$match=New-AzureRmApplicationGatewayProbeHealthResponseMatch -StatusCode 200-399

# Add a new probe to the application gateway
Add-AzureRmApplicationGatewayProbeConfig -name webappprobe-1 -ApplicationGateway $gw -Protocol Https -Path / -Interval 30 -Timeout 120 -UnhealthyThreshold 3 -PickHostNameFromBackendHttpSettings -Match $match

# Retrieve the newly added probe
$probe = Get-AzureRmApplicationGatewayProbeConfig -name webappprobe-1 -ApplicationGateway $gw

# Configure an existing backend http settings 

Set-AzureRmApplicationGatewayBackendHttpSettings -Name appGatewayBackendHttpSettings -ApplicationGateway $gw -PickHostNameFromBackendAddress -Port 443 -Protocol https -CookieBasedAffinity Disabled -RequestTimeout 30 -Probe $probe

Exclude these 2 lines
#$authcert = New-AzureRmApplicationGatewayAuthenticationCertificate -Name whitelistcert1 -CertificateFile C:\XXXX\XXXX.cer

#Set-AzureRmApplicationGatewayBackendHttpSettings -Name appGatewayBackendHttpSettings -ApplicationGateway $gw  -PickHostNameFromBackendAddress -Port 443 -Protocol Https -CookieBasedAffinity Enabled -AuthenticationCertificates $authcert

# Add the web app to the backend pool
Set-AzureRmApplicationGatewayBackendAddressPool -Name appGatewayBackendPool -ApplicationGateway $gw -BackendFqdns $webappFQDN

# Update the application gateway
Set-AzureRmApplicationGateway -ApplicationGateway $gw

引用自:https://serverfault.com/questions/882931

相關問答

Domain-Name-System

有沒有辦法在沒有靜態公共 IP 的情況下使用 Azure 將 VM 映射到域名?

  • July 27, 2022
檢視問答
Azure

何時使用 Azure 應用程序網關 WAF 與 Azure 防火牆?

  • November 15, 2020
檢視問答
Azure

Azure Vnet 真的是私有的嗎?

  • May 1, 2020
檢視問答
Security

將 Azure 應用服務連接到 Azure SQL Server 數據庫

  • April 5, 2020
檢視問答
Azure

限制從 Azure Vault 訪問生產中的應用服務

  • September 13, 2018
檢視問答
Domain-Name-System

在 Azure Web App 的 SaaS 解決方案中使用自定義域和 SSL

  • July 24, 2018
檢視問答