question

XiangyiWu-3592 avatar image
0 Votes"
XiangyiWu-3592 asked thgibard edited

Not able to secure windows azure vm in https

Hello,

I tried to secure a windows azure virtual machine following the tutorial below
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/tutorial-secure-web-server

No error message all the way, but the website in this VM still cannot be accessed by https.
FYI, it can be accessed by http without problem and there is no domain name for this VM yet, it's accessed by public IP address.

Please advise, thank you in advance.

azure-virtual-machines
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

XiangyiWu-3592 avatar image
0 Votes"
XiangyiWu-3592 answered XiangyiWu-3592 commented

@thgibard Hello, your help will be much appreciated!

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hello @XiangyiWu-3592

I don't know why I'm especially mentioned. I'm not covering all the topics :-) !
You should consider add some screenshots of your configuration to allow people to understand in a better way your existing context.

From what, I've understood you have a virtual machine in Azure. This virtual machine is hosting a web site with probably IIS Web Server role installed.
Currently, your website is working as you want in http but you can't move it to https ? Correct ?

When you're trying to access to the same URL with httpS. What do you have as error message ? Long loading and finally timed out ? Warning message that the connection is not secured ? or just nothing ?

0 Votes 0 ·

Hello @thgibard, thank you for your kind reply!
I noticed your professional answers under other questions, very impressive that's the reason I specifically tagged you, hope you didn't mind:)
In terms of the question, your understanding was absolutely correct. The error message was just long loading and timed out. I tried to clear the cache and etc. but the https access just didn't work. And yes the website is working as we want in http, accessabile by ip address.

Best Regards,
Xiangyi

0 Votes 0 ·
thgibard avatar image
0 Votes"
thgibard answered thgibard edited

Thank you for the kinds words. OK first, let's put away the question about certificate and so on. We should be able to see the website even with the https with the error message "this page is not secured etc."

According what you're telling me, it sounds like a network issue if slow loading. Did you create the correct opening flow to be able to access to your virtual machine on the port 443 (https/TCP) ? Depending on your personal configuration, it might be configuring the associated NSG (Network Security Group) or a true firewall if you have so. Keep in mind you will need to do that in the flow control you may have in Azure but also internally on the Integrated Windows Firewall (if activated).

· 5
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hello @thgibard, thank you for the suggestion! The port 443 is open right now both on portal and windows firewall, and I received a new error message as below: "Failed to establish a secure connection. This proxy and the remote host failed to negotiate mutually acceptable security settings for handling your request. It is possible that the remote host does not support secure connections, or the proxy is not satisfied with the host security credentials. "

Does this mean the encryption was not successful? If possible, can we book a short team meeting to discuss the issue? Your support is highly appreciated, thank you!

Sincerely,
Xiangyi

0 Votes 0 ·

So if you get a warning / error message now. That's mean the flow is now opened.
Can you show me a screenshot about what you're seeing ?

Even if it's seems obvious I prefer to ask, but you know you will require to add an SSL certificate on your serveur in the IIS configuration in order to be able to display your website in https ? Is it something clear you ? Did you have request it to a certificates provider ?

Support on Q&A is unfortunately only provided throw this platform and Teams/Skype conf is not possible.


0 Votes 0 ·

Hello @thgibard ! Please find the screenshot of error message attached.
If my understanding was correct, I have added an SSL certificate on the server by following the tutorial above, in the power shell (See attached screenshot 2) If there is anything more that need to be done to finish this step, please kindly let me know!
7624-capture.png

7597-capture1.png
No problem we can communicate here. Looking forward to your reply!

Sincerely,
Xiangyi


0 Votes 0 ·
capture1.png (47.1 KiB)
capture.png (93.4 KiB)
Show more comments