Application Gateway accepts requests from web app, but not legacy desktop application

JBeaskey84 1 Reputation point
2020-12-21T15:17:37.067+00:00

Our team is hosting a legacy application on an Azure VM that sits behind an Application Gateway. Traffic is locked down to TLS (via a certificate on the Application Gateway). We're attempting to hit the application from a web browser and from a client application sitting on our desktop. The desktop application is configured to communicate using TLS.

When we make the call from a web browser (Chrome, in this case), the Application Gateway successfully processes the request and forwards it on to the web server. However, when the call comes in from the desktop application, the Application Gateway rejects it.

After analyzing multiple Wireshark captures, we've noticed that after the initial ACK exchange, the desktop application sends a "Client Hello" message. The Application Gateway immediately replies with a series of Connection Resets until the whole exchange is just shut down. The Wireshark captures do indicate that the desktop application is sending its initial communication over TLS.

Has anyone encountered a similar scenario or have any suggestions? While troubleshooting, we ended up placing the certificate directly on the Azure VM and using a load balancer to direct traffic to it. This allowed the desktop client to successfully access the application.


1 answer

  1. TravisCragg-MSFT 5,676 Reputation points Microsoft Employee
    2020-12-23T02:42:07.207+00:00

    The Client Hello is typically where Cipher Suites and TLS versions are shared. I would check to see if your custom application is using a compatible TLS version & Cipher with your Application Gateway.

    This is especially true for a legacy application and an Application Gateway with a strict custom TLS policy.

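The check suggested in the answer above, as an added example that is not part of the original thread: this Python sketch parses a Client Hello record and compares the offered TLS versions and cipher suites with a listener policy. The policy values, the sample Client Hello bytes and all function names are constructed for illustration and are not taken from the poster's capture or from an actual Application Gateway policy.

```python
import struct

TLS_VERSIONS = {0x0301: "TLS 1.0", 0x0302: "TLS 1.1", 0x0303: "TLS 1.2", 0x0304: "TLS 1.3"}
# Constructed policy for illustration (not an actual Application Gateway policy):
POLICY_MIN_VERSION = 0x0303
POLICY_SUITES = {0xC02F, 0xC030}   # ECDHE-RSA with AES-128-GCM / AES-256-GCM
# Constructed Client Hello of a legacy client: TLS 1.0, RSA/CBC and 3DES suites, no extensions.
LEGACY_HELLO = bytes.fromhex("1603010031" "0100002d" "0301" + "00" * 32
                             + "00" "0006" "002f0035000a" "0100")

def u16(buf, pos):
    return struct.unpack_from("!H", buf, pos)[0]

def parse_client_hello(record):
    """Return (offered_versions, cipher_suites) from one TLS record holding a Client Hello."""
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS handshake record carrying a Client Hello")
    hs_len = int.from_bytes(record[6:9], "big")
    if len(record) < 9 + hs_len:
        raise ValueError("Client Hello is truncated or split across records")
    body = record[9:9 + hs_len]
    versions = [u16(body, 0)]                  # legacy client_version field
    pos = 34                                   # skip client_version (2) + random (32)
    pos += 1 + body[pos]                       # session_id
    n = u16(body, pos)
    suites = [u16(body, i) for i in range(pos + 2, pos + 2 + n, 2)]
    pos += 2 + n
    pos += 1 + body[pos]                       # compression methods
    end = pos + 2 + u16(body, pos) if pos + 2 <= len(body) else pos   # extensions are optional
    pos += 2
    while pos + 4 <= end:
        etype, elen = u16(body, pos), u16(body, pos + 2)
        if etype == 0x002B:                    # supported_versions replaces the legacy field
            offered = [u16(body, i) for i in range(pos + 5, pos + 4 + elen, 2)]
            versions = [v for v in offered if v in TLS_VERSIONS] or versions   # drop GREASE
        pos += 4 + elen
    return versions, suites

def check_against_policy(record, min_version, allowed_suites):
    """Compare a Client Hello with a listener TLS policy; returns a list of mismatches."""
    versions, suites = parse_client_hello(record)
    problems = []
    if max(versions) < min_version:
        problems.append("highest offered version %s is below policy minimum %s"
                        % (TLS_VERSIONS.get(max(versions), hex(max(versions))), TLS_VERSIONS[min_version]))
    if not set(suites) & set(allowed_suites):
        problems.append("no offered cipher suite is allowed by the policy")
    return problems
```

Feeding it the Client Hello record bytes exported from the packet capture, together with the minimum version and cipher list configured on the gateway listener, shows which of the two mismatches applies.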