Hello pavan b a,
Welcome to the Microsoft Q&A and thank you for posting your questions here.
Problem
I understand that you are contemplating whether you should use the custom health probe /adfs/probe
on the Azure Application Gateway to be configured to use HTTP or HTTPS due to Microsoft recommendation and backend settings.
Solution
In your scenario, the issue arises because your Azure Application Gateway's backend settings are configured to use HTTPS, while the health probe is configured to use HTTP. The Application Gateway expects the health probe and backend settings to match in terms of the protocol being used.
To resolve this issue, by system architecture design, you should indeed change the health probe to use the HTTPS protocol. This will ensure that the health probe checks are consistent with the backend's configuration, allowing the Application Gateway to correctly determine the health of your Web Application Proxy (WAP) servers.
Ensure you find the health probe associated with your WAP servers. This will typically be under the "Health Probes" section and edit the Health Probe:
- Change the protocol from HTTP to HTTPS.
- Ensure the path remains
/adfs/probe
, as recommended by Microsoft. - If necessary, update the port to match the HTTPS port being used by your WAP servers (usually port 443).
Accept Answer
I hope this is helpful! Do not hesitate to let me know if you have any other questions.
** Please don't forget to close up the thread here by upvoting and accept it as an answer if it is helpful ** so that others in the community facing similar issues can easily find the solution.
Best Regards,
Sina Salam