This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 93%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
I am trying to host Telecom Applications on AKS behind Application gateway. Inherently these applications use http2 protocol for communication hence I am trying to setup https communication between application gateway and app to app communication. I am using self signed certificates for both application gateway and Applications. I followed the certs generation page from Azure for Application gateway
openssl pkcs12 -export -in diagserverCA.pem -inkey diagserverCA.key -out appgw.pfx -password pass:****
openssl x509 -outform der -in diagserverCA.pem -out appgw.cer
However, Health probes are failing even If I input correct end points in probes with this error " Received invalid response 404. As per health probe 200-399 is acceptable"
Below is the config of Ingress.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nf-nrf-ingress
annotations:
kubernetes.io/ingress.class: azure/application-gateway
appgw.ingress.kubernetes.io/use-private-ip: "true"
appgw.ingress.kubernetes.io/backend-protocol: "https"
appgw.ingress.kubernetes.io/appgw-ssl-certificate: "appgw-cert"
appgw.ingress.kubernetes.io/appgw-trusted-root-certificate: "appgwroot"
spec:
tls:
- secretName: tls-secret
rules:
- http:
paths:
- path: /nnrf-*
pathType: Prefix
backend:
service:
name: hpe-nf-nrf-nnrf
port:
number: 8443
Hello Anil
Welcome to Microsoft Q&A Platform, thanks for posting your query here.
I assume you are using Application Gateway ingress controller, can you please check this guide E2E SSL, maybe this can help achieve your ask.
https://azure.github.io/application-gateway-kubernetes-ingress/tutorials/tutorial.e2e-ssl/
This involves configuration in the ingress side and the AppGw side as well.
Hope this helps.
Hello Anil
Any update on the issue?
Just checking in to see if you got a chance to see previous response.
If the suggested response helped you resolve your issue, please 'Accept as answer', so that it can help others in the community looking for help on similar topics.
I am yet to Test it in the environment. While HTTP probes/ Backend Health returns 200 OK.while HTTPS probes/Backend Health returns 404, while querying from the pod. I will reconfigure everything and will update
This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Comments have been turned off. Learn more
Hello Anil
Welcome to Microsoft Q&A Platform, thanks for posting your query here.
Firstly, apologies for the delay in responding here and any inconvenience this issue may have caused.
Based on the details shared, looks like the probed endpoint is returning a 404 error, which would prevent the health probe from returning back healthy. Application Gateway expects a 200 response for the default health probe.
You'll either need to define a custom health probe to assume 404 as the expected response as healthy, or change the path of the health probe to an endpoint that would return a 200 response.
Please check this if you need to customize the health probe: https://azure.github.io/application-gateway-kubernetes-ingress/features/probes/
Hope this helps.
If you need further help on this, tag me in a comment.
If the suggested response helped you resolve your issue, please 'Accept as answer', so that it can help others in the community looking for help on similar topics.