I've got a nodejs app running inside docker on a container instance in Azure.
I have a URL which is an IP address with HTTP only.
e.g.
http://123.456.789
I need it to be HTTPS because it is providing content to a React frontend and therefore I have a mixed content issue.
The App services on Azure just works by adding a https to the front of the address, but these are different and I can't figure it out.
You could add an extra sidecar container running the public Nginx image, configured to use TLS. Read this tutorial to enable a TLS endpoint in a sidecar container and read this for more choices. If you want to automatic HTTPS with Azure Container Instances (ACI) with terraform, you could refer to this.
Related
I have a nextJS app working in local container. I uploaded the image to Azure and now my application is up from Azure Container Instances.
its listening on port 3000 on http protocol.
I want to utilize Azure https certificate and have site like https://mysitexyz.azurewebsites.net which should point to my container: http://containerip:3000
What Azure resource should i using to achieve that?
You can point your custom DNS to an Azure Container Instances: https://learn.microsoft.com/en-us/azure/container-instances/container-instances-custom-dns
EDIT: *.azurewebsites.net is the DNS assigned when you use Azure App Service. You can't use it outside Azure App Service. What you can do, is run Containers on top of it using Azure Web App for Containers.
I have deployed a Python Flask based app in AWS. It is running fine on http://<ip>. I need to convert this to https. I have sent request for admin to enable port 443 for https.
Will that automatically make my app to https or do I need to install or setup something else to make it happen?
You have multiple choices for this;
Use ACM (Easiest?!):
if you're using AWS loadbalancers, you can create a certificate using ACM service and assign it to your loadbalancer and modify your Target Groups in EC2 panel.
If you are using cloudfront, you can also configure your SSL/TLS there. (Not changing the loadbalancer and target groups). It will work as an upper layer.
Use other certificate providers excluding AWS ACM:
You can setup something like Lets Encrypt or use Cloudflare services.
Note: it really depends on how your cloud stack currently is, you maybe be only deploying on EC2 Server and having Nginx configured and having everything else done outside of AWS with other services or you can have Lets Encrypt certificate on your ALB.
This post just gives you some keywords, you can search and see exact instruction/tutorial for every solutions.
I am wondering, what is the reason for Azure Container instances not to have an HTTPS address?
In comparison, Web Apps do have HTTPS endpoint by default, while Container Instances have just HTTP endpoint assigned.
Why is that?
When you deploy an application to Azure Web Apps, you are basically running your application behind IIS. You can configure the Web Apps platform to terminate SSL connections and all incoming requests received by your application will be via HTTP.
On Azure Container Instances, you container is directly connected to the network. If you want to terminate SSL before it reaches your application, you would need to have a service which provides SSL termination. The typical way to do this without creating any more infrastructure is to run nginx as a sidecar to your application container.
Goal: Deploy a website to Azure App Service in a container that works from the php-apache base image as has a custom domain with SSL.
Current Situtation:
Website setup to use Dockerfile for building an image
Image uploaded to Docker Hub and successfully built
Image deployed to Azure App Service as a container
Configured custom domain in Azure and pointed DNS to provided IP Address
Problem: How do I configure my container? Currently, I am getting an SSL warning when trying to connect to my website which makes perfect sense as my domain does not match the default certificate azure provides for *.azurewebsite.net (and Azure tells you this when you setup a custom domain, which is neat).
Does Azure pass a request made on 443 to my container on 443 requiring me to configure my container for an SSL connection?
Does Azure terminate the SSL connection and pass the request to my container on port 80?
I understand I need to upload my certificate to Azure, but if Azure is passing the request to my container on 443, that would mean I would need to setup my container to accept requests on 443 and configure the certificate inside the container (which is fairly trivial). However, if Azure terminates the SSL and passes the request over port 80, then my life is a bit simpler as I can just configure my container to listen on 80 and let Azure do the heavy lifting.
If you have any questions, or need clarification please let me know.
From what I can tell, Azure is terminating the SSL connection and passing the request to my container on port 80. I am making this assumption because at this point I am hosting a number of websites in containers and none of them expose 443.
It seems that all that is necessary is to upload your certificate to the Azure App Service Plan and do a bit of configuring to associate it with the correct App Service and website. The container running a website requires no special configuration for SSL.
I'm trying to create https endpoints for three apps in a cluster of Service Fabric. Because I have more than one app I use HttpSys. So far I worked only on http but requests from frontend are from a secure transmission(https) so I have to put my backend on https.
I tried to follow this 1 but it doesn't work with WebListener so I move the implementation to HttpSys.
I don't have any errors and my cluster is working well but when I try to access my https endpoint I get nothing.