This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(86.4, 50%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
Trying to see if this is even possible.
I have Azure Virtual Machine running as a windows webserver IIS.
Is it possible to setup Azure CDN to pull content from that webserver?
Things tried. Created CDN. Changed Origin to custom and set the public IP address of the webserver. But just get "Our services aren't available right now message" when accessing with the cdn hostname.
Webserver works fine if I go to by the public ip address.
Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
Greetings.
You should be able to use a public IP behind Azure CDN as long as the backend is healthy.
The error message you shared usually appears with new deployments.
Can you please confirm if the issue still persists?
Cheers,
Kapil
Yes this issue still persists. Trying to figure out if there are any additional configurations needed if this design can work this way. So are you telling me that this can work from a current azure webserver IIS? I am finding it hard to find documentation. All documentation keeps leading me to using a storage account.
Please recheck your configuration.
I just did a lab and I was able to get this working
Make sure you're backend supports HTTPS
Cheers,
Kapil
@KapilAnanth-MSFT I think that might be part of the issue. I took out https allowed on the origin and was able to access using the hostname now. Thank you for the tip. I'll continue testing and hope thats all was needed.
You are most welcome. Glad we could be of assistance.
I have summarized our discussion and converted it to a new answer.
I would highly appreciate if you could Accept the answer and close this thread.
Original posters help the community find answers faster by identifying the correct answer.
Thanks,
Kapil
So http looks to work. I am looking into how to get it to work with https. Does the CDN provide the certificate for its hostname. I am just guessing that i would need it to put that on my webserver or vise versa. Does that sound about right?
From my analysis, Azure CDN does not offer TLS Offloading.
With that said,
You have to work with your webserver team to configure TLS at the backend.
Once you configure TLS on your backend, you should be able to use HTTPS with Azure CDN.
P.S : You can also consider AFD if you require TLS Offloading.
Hope
Thanks,
Kapil
Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.
Not sure if I am able to continue this Thread but I am trying to find any articles to get https to work with the cnd still. The webserver is just doing self signed and I am able to access externally by https://ipaddress with no issues. So not sure if the webserver needs more configuration or if there are other CDN options to allow perhaps.
I take it that your IIS Server uses a self-signed certificate and accepts connections on https://<ipaddress>.
In that case,
Cheers,
Kapil
Yes the iis server https://<ipaddress> uses self-signed so you get your normal message your connection is not private>advance>Proceed unsafe site etc....
When still try the azure host name> still presents the:
http:// endpoint name works totally fine.
I did not setup the diagnostic logs. I am going through on how to do that now. I enabled the Azure CDN access Logs is that log the backendhostname and httpstatuscode?
So backend host name gives the public ipaddress:443 and httpstatuscode of 502
Ok log just says 502 httpstatuscode the backendhostname is the publicIpaddress:443
Can you also share what you see for "httpStatusDetails_s"?
From my lab, see :
Cheers,
Kapil