Application Gateway end-to-end TLS with multiple host names

Timothy Barrett 1 Reputation point
2021-12-23T18:30:35.447+00:00

I have an application gateway set up with a listener host type of multiple/wildcard. Two URLs are set there, test1.test.com and test2.test.com for example. The listener is HTTPS and the backend (HTTP settings) is also. The issue is I want to leave the host name in the header as test1.test.com or test2.test.com, but when I configured the backend it makes you put in a host name or domain. This limits the destination to test1.test.com or test2.test.com.


5 answers

  1. SaiKishor-MSFT 17,336 Reputation points
    2021-12-29T10:14:21.223+00:00

    @Timothy Barrett Thank you for reaching out to Microsoft Q&A. I understand that you want to know how to add multiple domains to the same backend of an Azure Application Gateway. Please correct me otherwise.

    I see that you tried putting in the hostname in your backend which limits the destination to test1.test.com or test2.test.com. However, you can add multiple hostnames to your backend as seen below:

    161097-2021-12-29-15-37-11-saivm-1044512874-3389-remote-d.png

    By adding these same hostnames to the Listener with multisite option as shown below, I am able to reach the backend using both the hostnames.

    161155-2021-12-29-15-41-59-sai-microsoft-azure-and-8-more.png

    Please let me know if you have any further questions/concerns and I will be glad to assist you further. Thank you!


  2. Timothy Barrett 1 Reputation point
    2022-01-03T02:19:49.017+00:00

    Where is the screenshot for the site bindings from? End-to-end HTTP works fine, as you don't have to put a hostname in the HTTP settings for the backend. When setting up HTTP settings for the backend using HTTPS as the protocol, it makes you put in a hostname, and only one hostname.


  3. Timothy Barrett 1 Reputation point
    2022-01-03T02:26:37.803+00:00

    It seems like you have to have one listener (test1.test.com) to one HTTP settings for the backend of test1.test.com, and you can't have many sites (test1.test.com and test2.test.com) to one HTTP settings for multiple backend sites like test1 and test2 when using HTTPS as the protocol in the HTTP settings.


  4. SaiKishor-MSFT 17,336 Reputation points
    2022-01-05T17:08:33.85+00:00

    @Timothy Barrett I had to do some testing to determine how this works. For pointing multiple subdomains to a single backend when using end-to-end TLS, you can add the multiple domains in the listener as shown below:

    162572-listener.png

    Here I have added multiple sub domains to the Listener. I have made sure to point these sub domains to the IP address of the App GW.

    Also for the Backend HTTP setting, make sure to pick Override backend hostname and put in the actual domain name there as shown below:

    162586-http.png

    This is working perfectly for me. Hope this helps. Please do let us know if you have any further questions and we will be glad to assist further. Thank you!


  5. Timothy Barrett 1 Reputation point
    2022-01-05T17:14:19.83+00:00

    When I do that, it overrides the URL in the packet with the domain name you put in the HTTP settings for the backend. For example, if the listener is test1.test.com and test2.test.com and in the backend you put test.com for the domain, the packet will have test.com in the HTTPS header.
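
The behaviour described in the last post can be checked from an exported gateway definition. The script below is an added example, not from the thread or from Microsoft: it lists every listener host name that a basic routing rule sends to backend HTTP settings with a different fixed host name override. It assumes the ARM JSON property names `httpListeners`, `hostNames`, `hostName`, `backendHttpSettingsCollection` and `requestRoutingRules`; the sample document, rule names and IDs are constructed.

```python
import json
# Constructed sample in the shape of an exported Application Gateway resource
# (ARM JSON); names and IDs are made up for illustration.
SAMPLE = json.loads("""
{"properties": {
  "httpListeners": [
    {"id": "/l/multi", "name": "multi",
     "properties": {"protocol": "Https", "hostNames": ["test1.test.com", "test2.test.com"]}},
    {"id": "/l/single", "name": "single",
     "properties": {"protocol": "Https", "hostName": "test1.test.com"}}],
  "backendHttpSettingsCollection": [
    {"id": "/s/override", "name": "override",
     "properties": {"protocol": "Https", "hostName": "test.com"}},
    {"id": "/s/match", "name": "match",
     "properties": {"protocol": "Https", "hostName": "test1.test.com"}}],
  "requestRoutingRules": [
    {"name": "r1", "properties": {"httpListener": {"id": "/l/multi"},
                                  "backendHttpSettings": {"id": "/s/override"}}},
    {"name": "r2", "properties": {"httpListener": {"id": "/l/single"},
                                  "backendHttpSettings": {"id": "/s/match"}}}]}}
""")

def listener_hosts(listener):
    """Return every host name a listener accepts (single-site or multi-site)."""
    p = listener["properties"]
    return list(p.get("hostNames") or []) + ([p["hostName"]] if p.get("hostName") else [])

def find_host_rewrites(gateway):
    """Return (rule, client_host, backend_host) where the override changes Host."""
    props = gateway["properties"]
    listeners = {l["id"]: l for l in props.get("httpListeners", [])}
    settings = {s["id"]: s for s in props.get("backendHttpSettingsCollection", [])}
    findings = []
    for rule in props.get("requestRoutingRules", []):
        rp = rule["properties"]
        # Only rules that reference HTTP settings directly are checked here.
        if "backendHttpSettings" not in rp:
            continue
        listener = listeners[rp["httpListener"]["id"]]
        override = settings[rp["backendHttpSettings"]["id"]]["properties"].get("hostName")
        if not override:
            continue  # no fixed override configured in these settings
        for host in listener_hosts(listener):
            if host.lower() != override.lower():
                findings.append((rule["name"], host, override))
    return findings

if __name__ == "__main__":
    for rule, host, override in find_host_rewrites(SAMPLE):
        print(f"{rule}: client Host {host} reaches the backend as {override}")
```

Path-based rules and settings that take the host name from the backend address are outside what this check covers.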

