Failed to load resource: net::ERR_CERT_INVALID while accessing Azure app service through Azure Application Gateway.

Satyam Chauhan 537 Reputation points
2023-04-11T09:27:28.15+00:00

Hi, I have a .Net Web API deployed on an azure app service. To make it secure I have implemented Application gateway and added the app service in the backend pool. Here are the configurations I did while setting up the app gateway -

Backend setting -

  1. backend protocol - Https
  2. backend authentication certificate, use for app service - Yes
  3. Additional setting - Cookie-based affinity - disable, Connection draining - disable, Request timeout - 20
  4. Host name - Override with new hostname - Yes, hostname override - pick hostname from backend target, Use custom probe - yes

Front IP configurations -

  1. Public IP v4 is configured.

Listener -

  1. Frontend IP - Public
  2. Protocol - Https
  3. Port - 443
  4. Choose a certificate - Open ssl certificate provided
  5. Certificate - SSL certificate
  6. Listener type - basic, error page URL - NO

Rules -

  1. Listener - Above listener name
  2. Backend target - Target type - backend pool, backend target - backend pool name, backend setting - backend setting name.

Backend Health is coming as Healthy.

So when I am trying to access the api through the public IP of the App gateway from browser(Google chrome), this message is displayed - Your connection is not private, Attackers might be trying to steal your information from <Public IP>. I have another azure app service, on which an Angular application is deployed, in the angular application I am consuming the api. so when I am calling the app gateway public IP from the UI application it is giving error - Failed to load resource: net::ERR_CERT_INVALID. Please help me to resolve this issue. Thanks

Azure Application Gateway
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
970 questions
Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
7,006 questions
{count} votes

Accepted answer
  1. ajkuma 22,851 Reputation points Microsoft Employee
    2023-04-12T21:02:03.5766667+00:00

    Thanks for posting this good question, Satyam.
    While I’m checking on this, could you please share the following info.

    As I understand you have not used any custom domain for Webapp and your using public IP to access the API. Kindly let me know if I have misunderstood/highlight more about your scenario.

    Typically, the error message "Failed to load resource: net::ERR_CERT_INVALID" indicates that the SSL certificate used by your Application Gateway is not trusted by the client machine. This can happen if the SSL certificate is self-signed or if it is issued by a certificate authority (CA) that is not trusted by the client machine.

    To connect to App Service, Application Gateway uses the default domain as provided by App Service (suffixed "azurewebsites.net") Or recommended approach via custom domain.
     

    Have you tried the suggestions outlined in this doc? Configure App Service with Application Gateway 

    0 comments No comments

0 additional answers

Sort by: Most helpful