All geek questions in one place

How to configure SSL for stand-alone web APIs in Azure Service Fabric

I completed this article to configure the OWIN standalone web API in Azure Standalone Services.

I also found this article that describes how to configure the HTTPS endpoint in the Azure service.

... <Certificates> <EndpointCertificate Name="TestCert1" X509FindValue="FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF F0" X509StoreName="MY" /> </Certificates> ...

How to configure SSL certificate for my WebAPI service in the service structure? When I access a cluster of a service cluster in the Azure portal, the Certificate text boxes are grayed out.

In other Azure services, they are usually the area for downloading certificates that the application can reference.

Do I need to manually include my certificate in the service package and install it in the certificate store before it can be referenced?

Also, does azure provide an HTTPS certificate for * .cloudapp.azure.com, which can be used during development?

+5
source share
1 answer

To protect the standalone OWIN API in SF with SSL, you can follow the various scripts and example configuration that I compiled:

https://gist.github.com/andersosthus/c483eaf8630219c789de

The main thread is as follows:

  • Upload certificate to KeyVault (uploadCertToKeyVault.ps1)
  • Install the certificate on SF virtual machines (installCertOnVm.ps1)
  • Configure the Endpoint section of your ServiceManifest
  • Configure the ManifestImport and Policy sections of the application manifest.

You can skip steps 1 and 2, but then you need to log in to each virtual machine and install the certificate manually.

For VMSS: To install certificates from KeyVault to VMSS using ARM, follow these steps: In your VMSS template, the OSProfile section has a section called secrets . Here you can configure sourcevault and add certificates for installation.

This works like all other ARM templates. You can add the certificate to this list later and redeploy the template. Then the certificate will be installed on your VMSS.

+10
source

Source: https://habr.com/ru/post/1242683/

More articles:


All Articles