2

I am trying to consume an on-prem web service from Azure App Service over the HTTPS protocol. When I do, I receive the error:

The remote certificate is invalid according to the validation procedure

This is meaningful, as Azure by default doesn't have to trust the service presenting a certificate issued by the on-prem CA. However, is there a way to configure the trust in App Service?

I tried uploading the public key certificate .cer file in Base encoded format and updated the app setting with the app key WEBSITE_LOAD_ROOT_CERTIFICATES as specified in the below article: https://learn.microsoft.com/en-us/azure/app-service/environment/certificates

It didn't work well and I get the same error. Is my understanding right? Is there a right way to do it?

Muthukumar Palaniappan

2 Answers

2

I missed uploading the intermediate CA's public certificate; the intermediate CA issued the certificate for the on-prem service.

After adding it, I changed the app key WEBSITE_LOAD_ROOT_CERTIFICATES to hold the thumbprints of both the root CA's and the intermediate CA's certificates, comma separated. That enabled the communication.

Muthukumar Palaniappan
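The missing-intermediate failure described in this answer can be reproduced offline with the openssl CLI. This is an added example, not part of the original answer: it builds a constructed three-level lab PKI, shows that trusting the root alone does not validate the service certificate, and prints the comma-separated thumbprint value. The subjects, file names and function names are assumptions, and `openssl verify` stands in for the App Service trust store.

```shell
#!/bin/sh
# Constructed lab PKI: root CA -> intermediate CA -> service certificate.
set -eu

make_lab_pki() {  # $1 = empty working directory
  ( cd "$1"
    printf '%s\n' '[req]' 'distinguished_name = dn' '[dn]' \
      'commonName = Common Name' '[v3_ca]' \
      'basicConstraints = critical,CA:TRUE' > ca.cnf
    openssl req -x509 -config ca.cnf -extensions v3_ca -newkey rsa:2048 -nodes \
      -keyout root.key -out root.pem -subj '/CN=Lab Root CA' -days 30
    openssl req -new -config ca.cnf -newkey rsa:2048 -nodes \
      -keyout int.key -out int.csr -subj '/CN=Lab Intermediate CA'
    openssl x509 -req -in int.csr -CA root.pem -CAkey root.key -CAcreateserial \
      -extfile ca.cnf -extensions v3_ca -days 30 -out int.pem
    openssl req -new -config ca.cnf -newkey rsa:2048 -nodes \
      -keyout leaf.key -out leaf.csr -subj '/CN=service.lab.example'
    openssl x509 -req -in leaf.csr -CA int.pem -CAkey int.key -CAcreateserial \
      -days 30 -out leaf.pem
  ) >/dev/null 2>&1
}

chain_ok() {  # $1 = service cert, remaining args = CA certs the client trusts
  leaf=$1; shift
  bundle=$(mktemp)
  cat "$@" > "$bundle"
  openssl verify -CAfile "$bundle" "$leaf" >/dev/null 2>&1 && rc=0 || rc=$?
  rm -f "$bundle"
  return "$rc"
}

thumbprint() {  # SHA-1 over the DER certificate, upper-case hex, no colons
  openssl x509 -in "$1" -noout -fingerprint -sha1 | cut -d= -f2 | tr -d ':'
}

setting_value() {  # comma-separated thumbprints of every CA cert given
  out=
  for c in "$@"; do out="${out:+$out,}$(thumbprint "$c")"; done
  printf '%s\n' "$out"
}

lab=$(mktemp -d)
make_lab_pki "$lab"
chain_ok "$lab/leaf.pem" "$lab/root.pem" \
  && echo "root only: chain builds" || echo "root only: issuer not found"
chain_ok "$lab/leaf.pem" "$lab/root.pem" "$lab/int.pem" \
  && echo "root + intermediate: chain builds" || echo "root + intermediate: fails"
echo "WEBSITE_LOAD_ROOT_CERTIFICATES=$(setting_value "$lab/root.pem" "$lab/int.pem")"
```

For real `.cer` files exported in binary DER form rather than Base64, add `-inform DER` to the `openssl x509` call in `thumbprint`.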
-1

Consider Azure Hybrid Connections which enables you to connect your Azure App Services (including Azure Functions) to existing on-prem services/APIs.

Sample and case study can be found here: https://azuregems.io/azure-hybrid-connections/

DixitArora-MSFT
  • That would be overkill for the purpose of trusting an internal CA cert, and wouldn't even solve the problem anyway. – Jaykul Nov 29 '22 at 17:13