SSL policy errors: RemoteCertificateNameMismatch in Blob Storage

Andrii Chaika 20 Reputation points

I have created a blob storage which is a part of the virtual network.

I created a private endpoint for the blob storage and disabled public access to the blob storage.

However, the wrong certificate is used when I try to use it in the app.

2023-05-17T01:26:50.350877727Z       Request [bfa024d6-ed5a-4013-aab1-cad997a25aff] HEAD
2023-05-17T01:26:50.350903928Z       x-ms-version:2022-11-02
2023-05-17T01:26:50.350910428Z       Accept:application/xml
2023-05-17T01:26:50.351266839Z       x-ms-client-request-id:bfa024d6-ed5a-4013-aab1-cad997a25aff
2023-05-17T01:26:50.351280639Z       x-ms-return-client-request-id:true
2023-05-17T01:26:50.351286939Z       User-Agent:azsdk-net-Storage.Blobs/12.16.0 (.NET 7.0.5; Linux #1 SMP Tue Jan 24 21:45:24 UTC 2023)
2023-05-17T01:26:50.351292439Z       Authorization:REDACTED
2023-05-17T01:26:50.351304140Z       client assembly: Azure.Storage.Blobs
2023-05-17T01:26:50.380557092Z ServicePointManager.ServerCertificateValidationCallback
2023-05-17T01:26:50.382571651Z SSL policy errors: RemoteCertificateNameMismatch
2023-05-17T01:26:50.384146896Z Certificate name mismatch. Requested host:, Certificate subject: CN=*

How to make sure that azure returns the right certificate *

Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
1,676 questions
A set of technologies in the .NET Framework for building web applications and XML web services.
3,122 questions
0 comments No comments
{count} votes

Accepted answer
  1. siwibowo 336 Reputation points

    Hi @Andrii Chaika , although you use private endpoint for your storage account, you need to use DNS entry of its public endpoint, eg.

    When you create private endpoint for your storage account, it also creates a local DNS entry alias pointing the public endpoint to the private endpoint. Please check by command "nslookup" to make sure it points to the private IP address.

    Reference: Tutorial: Connect to a storage account using an Azure Private Endpoint

    Connecting using public endpoint will solve SSL certificate mismatch issue.

    1 person found this answer helpful.
    0 comments No comments

0 additional answers

Sort by: Most helpful