Share via

Azure Front Door with Private Link Service: meaning of origin host name?

metalheart 406 Reputation points
Aug 1, 2022, 11:58 AM

I'm wondering what value is the Host name of the Origin supposed to have when private link is used for the back-end origin resource?

My understanding is the ID/alias of the Private Link already identifies the resource, so filling it in feels a little redundant. Besides, in my case the PL is for an internal load balancer, which doesn't have a publicly available hostname nor IP address anyway.

Any thoughts?

226708-image.png

Azure Front Door
Azure Front Door
An Azure service that provides a cloud content delivery network with threat protection.
766 questions
Azure Private Link
Azure Private Link
An Azure service that provides private connectivity from a virtual network to Azure platform as a service, customer-owned, or Microsoft partner services.
537 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. ChaitanyaNaykodi-MSFT 27,041 Reputation points Microsoft Employee
    Aug 2, 2022, 1:45 AM

    Hello @metalheart , Thank you for reaching out.

    As per the documentation here Note that the hostname must be a valid domain name, IPv4 or IPv6. and this HostName is used for SNI (SSL negotiation) and should match your server side certificate. Even though the AFD is linked via Private Link to the internal Load balancer this backend host name is used to establish TCP connection and then for the TLS Handshake.

    Hope this answers your query! Please let me know if you have any additional questions. Thank you!

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.