4

Basically I'm trying to follow this guide..

http://ronaldwildenberg.com/custom-domain-name-and-certificate-for-your-azure-service-fabric-cluster/

It says here (regarding Resource Explorer):

If you save (PUT) the updated VM Scale Set resource description, the certificate will be installed to all VMs in the scale set.

I've done this (adding my new cert to the key vault, then referencing it in the template), upon saving, the portal says provisioning, and completes, but rdp'ing into the VM's the certificate isn't there! And thus my service fails (error given in event viewer is HttpCertCfg returned errorcode 0x80070520)

What's going wrong? :(

Mardoxx
  • 4,372
  • 7
  • 41
  • 67
  • The guide you referenced is for Service Fabric; your question title implies you're working with VM Scale Sets... – Shaul Behr Oct 31 '17 at 10:28
  • 1
    @ShaulBehr SF uses VMSS for collections of node types. – Mardoxx Oct 31 '17 at 10:30
  • So is the deployment script the same, then? – Shaul Behr Oct 31 '17 at 10:48
  • @ShaulBehr I believe so, I think last time I checked the schema it was like a reference to VMSS schema for node type settings - can't remember – Mardoxx Oct 31 '17 at 12:11
  • Cool, I didn't know that. Thanks! – Shaul Behr Oct 31 '17 at 12:14
  • Mis-remembered! I think you provision your cluster resource group with VMSSs for each node type with the SF VM extension with corresponding settings e.g. https://github.com/Azure/azure-quickstart-templates/blob/591692727f818ba4a66960ff7bbd11a9a69b2024/service-fabric-secure-cluster-5-node-1-nodetype/azuredeploy.json#L394 -- so yeah, it looks like the VMSS uhh deployment scripts will be identical to a normal VMSS deployment! :) haven't used Azure for a while, been using a standalone cluster to save $$$! – Mardoxx Oct 31 '17 at 12:22

1 Answers1

1

Here's a walkthrough on MSDN. It deploys a secondary cert, then swaps.

LoekD
  • 11,402
  • 17
  • 27