SSL Host Name Does not match certificate

Question

We use various endpoints to connect to azure services/apps/power platform via HTTP endpoints.

These services have recently begun returning the below error intermittently. Most of the time these calls succeed, occasionally we see a flurry of these error messages. On the client side we use SSL verify host to confirm the certificate matches the host name we have specified.

Can anyone confirm for me if the url or the certificate being returned is a genuine azure website/certificate? I just haven't seen a url like this returned in our logs before

Secure Socket Layer (SSL) failure. error code -55:  CONNECT HostName: (prod-09.uksouth.logic.azure.com) does not match Certificate: (*.flow-prod-ln-rp00-ase.p.azurewebsites.net)

Answer 1

Hi @Gina , thanks for the question.

The error message you are seeing indicates that there is a mismatch between the hostname in the URL and the hostname in the certificate being returned by the server. Specifically, the hostname in the URL is "prod-09.uksouth.logic.azure.com", but the hostname in the certificate is "*.flow-prod-ln-rp00-ase.p.azurewebsites.net".

This error can occur when the server is using a wildcard certificate that does not match the specific hostname in the URL. In this case, the certificate is issued to "*.flow-prod-ln-rp00-ase.p.azurewebsites.net", which is a valid Azure App Service hostname.

To confirm that the URL and certificate are genuine Azure websites/certificates, you can check the following:

1. Check the URL: "prod-09.uksouth.logic.azure.com" is a valid URL for Azure Logic Apps in the UK South region.
2. Check the certificate: "*.flow-prod-ln-rp00-ase.p.azurewebsites.net" is a valid wildcard certificate for Azure App Service.

Based on this information, it appears that the URL and certificate are genuine Azure websites/certificates.