Share via

SSL Error: Self signed certificate in azure application gateway

kiruba 1 Reputation point
2022-12-29T05:19:38.857+00:00

configured application gateway with self signed certificate. But while running API in postmen, getting "SSL Error: Self signed certificate" .

steps followed to create certificate: 

# generate certificate for testing  
 openssl req -x509 -nodes -days 365 -newkey rsa:2048 \  
   -out test-cert.crt \  
   -keyout test-cert.key \  
   -subj "/CN=test"  
      
 openssl pkcs12 -export \  
   -in test-cert.crt \  
   -inkey test-cert.key \  
   -passout pass:test \  
   -out test-cert.pfx  
      
 az network application-gateway ssl-cert create \  
   --resource-group $resgp \  
   --gateway-name $appgwName \  
   -n mysslcert \  
   --cert-file test-cert.pfx \  
   --cert-password "test"

yaml file to create app: 

#########  
apiVersion: apps/v1  
kind: Deployment  
metadata:  
  name: ag-test-pod  
  namespace: test  
  labels:  
    app: ag-test  
spec:  
  replicas: 1  
  selector:  
    matchLabels:  
      app: ag-test  
  strategy:  
    rollingUpdate:  
      maxSurge: 1  
      maxUnavailable: 0  
    type: RollingUpdate  
  template:  
    metadata:  
      labels:  
        app: ag-test  
    spec:  
      containers:  
      - name: ag-test-test  
        imagePullPolicy: IfNotPresent  
        image: testhub.azurecr.io/ag_cdata_driver:25Aug2022Test18  
      imagePullSecrets:  
      - name: testalbsecret  
  
---  
---  
  
#######  
apiVersion: v1  
kind: Service  
metadata:  
  name: ag-test-service  
  namespace: test  
spec:  
  selector:  
    app: ag-test  
  ports:  
    - protocol: TCP  
      port: 3009  
      targetPort: 3009  
  type: ClusterIP  
  
---  
---  
  
#######  
apiVersion: networking.k8s.io/v1  
kind: Ingress  
metadata:  
  name: aks-ingress  
  namespace: test  
  annotations:  
    kubernetes.io/ingress.class: azure/application-gateway  
    appgw.ingress.kubernetes.io/appgw-ssl-certificate: mysslcert  
spec:  
  rules:  
    - http:  
        paths:  
          - path: /ag-test/*  
            pathType: Prefix  
            backend:  
              service:  
                name: ag-test-service  
                port:  
                  number: 3009  
            pathType: Exact

followed steps in below link to implement application gateway :
install-new

Azure Application Gateway
Azure Application Gateway

An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.

0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Cristian Gatjens 716 Reputation points Microsoft Employee
    2022-12-29T17:39:39.117+00:00

    Hello, @kiruba

    Thank you for reaching out & I hope you are doing well. 

    Based on the information that you have provided; I understand you are following the steps from https://azure.github.io/application-gateway-kubernetes-ingress/features/appgw-ssl-certificate/ to configure your Application Gateway with SSL certificates. All the steps and configuration that you have shared look good.

    However, when testing this using Postman, you are getting "SSL Error: Self signed certificate" as the response.

    Doing my research based on that SSL error message, I came across this external StackOverflow link that describes a similar behavior:

    https://stackoverflow.com/questions/57424532/postman-error-self-signed-certificate-in-certificate-chain

    By default, Postman is not aware of the SSL certificates unless you manually add them. Another option is to disable SSL certificate verification as suggested in that link.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well. Feel free to reply with any other questions or concerns.

    Hope this helps!

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.