Share via

Can we use azure front door without any custom domain to access private application in Azure openshift

Yusheng Qian 20 Reputation points
2025-06-19T06:27:57.72+00:00

Hi All

We have installed a private azure openshift and a maximo application in the aro.

As now we want to follow below link to use azure front door to access maximo application in the aro.

https://learn.microsoft.com/en-us/azure/openshift/howto-secure-openshift-with-front-door

But we do not have any custom domain , could we just use the endpoint url of the azure front door to access the application in the private aro?

We have tried to configure without a custom domain, but it always failed with "Service Unavailable" error.

Thanks & Best Regards

Yusheng

Azure Front Door
Azure Front Door
An Azure service that provides a cloud content delivery network with threat protection.
851 questions
Accepted answer
  1. G Sree Vidya 2,270 Reputation points Microsoft External Staff Moderator
    2025-06-19T08:47:48.22+00:00

    Hello Yusheng Qian

    The Microsoft Document clearly state that the custom domain is a prerequisite when using Azure Front Door to expose applications from a private ARO cluster

    Which means you cannot use Azure Front Door to access a private Azure Red Hat OpenShift (ARO) application without a custom domain.

    It does mention that a custom domain is typically required for the setup to work correctly, especially since it states that all DNS servers are hosted on Azure, and the applications need to be exposed with a predefined hostname.

    This is because:

    • Azure Front Door requires TLS termination, which needs a certificate tied to a domain.
    • ARO routes traffic based on host headers, which must match the domain.
    • DNS mapping is essential for Private Link to function correctly.

    Here's what you can try or consider

    1. Register a custom domain (e.g., via Azure DNS or any registrar).
    2. Create a DNS zone and map it to your Front Door endpoint.
    3. Configure TLS using Azure-managed or custom certificates.
    4. Set up Private Link to securely connect Front Door to your private ARO ingress.
    5. Using Azure Private Link in your configuration, ensure that it’s properly set up and the Azure Front Door can reach your OpenShift application. This includes verifying that the Private Link service can respond to requests as expected.
    6. Enable logging for Azure Front Door and look for any further details on the "Service Unavailable" error. It might help to pinpoint the problem in the routing or connectivity between Front Door and your application.

    I hope these helps. Let me know if you have any further questions or need additional assistance.

    Also, if these answers your query, do click the "Upvote" and click "Accept the answer" of which might be beneficial to other community members reading this thread.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.