I have followed this link to convert all the HTTP endpoints to HTTPS.
However, it uses an option called
IF Request Protocol;
THEN
URL Redirect
Request Protocol is not available(I cannot see) in the CDN profile that I am trying to configure. I have attached a screenshot of the rule creation phase below.
Question 1
Where can I find the Request Protocol option on the CDN Config page?
Question 2
If Request Protocol is deprecated(or no longer available), how can I perform the mentioned task?
The rules engine that's described in that article is available only for Standard Azure CDN from Microsoft.
To redirect HTTP to HTTPS in Azure Premium Verizon CDN, you can follow the steps in this blog.
The rules can take up to 4 hours to become active. But it’s typically much faster.
Related
I tried to configure a redirect rule on a CDN Standard Microsoft endpoint, and I would add the SAS token to all the requests forwarded to a specific URI but I couldn't add a redirect rule with regexp like "/test(.*)".
I noticed into the documentation that the regexp redirect are available only on Premium Verizon.
Is it possible to configure on CDN Standard Microsoft a regexp redirect?
Thanks,
Marcello
Currently Microsoft CDN Standard does not support a wild card regex redirect, as mentioned by you the option is only available on Azure CDN Premium from Verizon. Please refer to this documentation for any additional details.
I use Static website feature of Azure storage account to host React.js application. There is also a CDN endpoint enable for the site (Microsoft Standard CDN pricing tier), so the site URL looks like https://xxx.azureedge.net/. The problem: when I try to access the site via HTTP protocol, it says:
The account being accessed does not support http.
HttpStatusCode: 400
ErrorCode: AccountRequiresHttps
RequestId : 46959fc9-a01e-006d-2bc5-6b781e000000
TimeStamp : 2020-08-06T07:48:01.6590412Z
I would like the user to be redirected to HTTPS version.
You can allow HTTP without CDN:
Under "Settings"->"Configuration" set "Secure tranfer required" to "Disabled".
However, for redirecting to HTTPS you need for example CDN.
The solution was found in Microsoft documentation https://learn.microsoft.com/en-us/azure/cdn/cdn-standard-rules-engine#redirect-users-to-https
It says that the redirection from HTTP to HTTPS can be configured in the Rules engine of CDN endpoint.
It makes sense to keep in mind that:
the rules will not be applied immediately, in my case it started to work in 10 minutes.
the Rules engine is available for Standard Microsoft and Premium Verizon.
I have an Azure Media Service set up with a Premium subscription. I made an Android app which uses VideoView player and requests the multi-bitrate video files over HTTPS using the following format for asset links:
https://example.streaming.mediaservices.windows.net/c2234567-be1a-123c-ca25-e90bfca246da/1227_e3337f7-35ac-43e0-b55c-223e3333662.ism/QualityLevels(421811)/Manifest(video,format=m3u8-aapl)
Until now, I had CDN integration disabled. This worked fine and I never had issues using HTTPS.
However, now I want to enable CDN integration with default settings. When this feature is enabled, it automatically attaches the media service subdomain as a custom domain under the CDN (in this case example.streaming.mediaservices.windows.net). From what I understand, this means I should be able to continue making requests from my Android app to the same URLs as before, except now it will direct those requests to the CDN instead of the media service.
However, what I'm not sure of is whether or not I'll still be able to call those URLs over HTTPS. I see that Azure has a feature for Custom Domains with HTTPS in the works but it doesn't appear to be available yet.
So does the ability to call media service asset URLs over HTTPS carry over after CDN integration, and especially if I'm using the default media service subdomain as my custom domain?
If not, what will happen to the HTTPS calls? Will they receive no response or will they just bypass the CDN?
you should have no issues using HTTPS on CDN enabled Media Services Endpoints.
The Custom Domain HTTPS primarily refers to vanity urls like "blizz.com", which is not currently supported.
I believe in the last few days (around 4th Feb 2014), Microsoft announced CORS support for Azure Storage (link here) which is obviously a great idea.
In my case, I just wanted to find some confirmation of using a custom domain to map to azure storage which would solve an issue as follows:
Azure storage has a container with assets (images/docs etc)
I also have css/js assets there in azure storage too
Because at present the azure storage location is something like mystorage.blob.core.windows.net and my actual domain (where pages/services live) is say www.mydomain.com, I get CORS issues loading assets from a different domain of course.
So my question is if I do map a CNAME (for example assets.mydomain.com) to azure storage, will this solve the CORS related issues? Seems to me it should, however I wanted to check if others had a similar experience that they could comment on?
Thanks in advance.
You shouldn't get CORS issues loading assets, if they're just being loaded via link, script and img tags and the like. CORS only applies to AJAX requests made by JavaScript code in browsers.
Also, if the CORS rules are correctly configured on the Azure Storage account Blob service, the domain you use to address the account is irrelevant; it's the domain the current web page was served from (the Origin domain) that must be accepted by the CORS-enabled service.
So for example, if your page is served from yaysite.com, and you try to access a resource on yay.blob.core.windows.net using an XMLHttpRequest, the browser will add an Origin header to the request:
Origin: http://yaysite.com
The server at yay.blob.core.windows.net then needs to return an Access-Control-Allow-Origin header matching that to the response headers:
Access-Control-Allow-Origin: http://yaysite.com
If the browser doesn't see this header in the response, it will discard the data and the XMLHttpRequest object will trigger the error event.
Setting CORS rules on Azure Storage is described in this MSDN blog post.
As mentioned in the title above I have a cloudservice with a WebRole that runs a web app www.myappname.com. I have taken all necessary steps to enable serving of CDN content from my app using url rewrite module on IIS. This works fine but:
The requests coming in from CDN are forwarded to .cloudapp.net instead of my custom hostname binding. I cannot find any place to change this in my configuration. When I create a new CDN endpoint my options for setting the ORIGIN DOMAIN are limited to my cloud service endpoints
Say I got a custom domain name for my cloud service CDN endpoint (ex. static.appnamecdn.com). What happens when I make request with https? I don't see any place to register the "static.appnamecdn.com" 's ssl certificate. Isn't something like this required?
From the help icon on the Create CDN Endpoint screen (Azure Management Portal) I got my answer to the second point above:
If you choose to enable HTTPS for your CDN endpoint, keep in mind the
following points:
You must use the certificate provided by the CDN. Third party certificates are not supported.
You must use the CDN domain to access content. HTTPS support is not available for custom domain names (CNAMEs) since the CDN does
not support custom certificates at this time.
HTTPS is from the CDN to the client only. Requests from the CDN to the content provider (Storage Account or hosted service) are
still made using HTTP.
Regarding your first question, I don't think that is possible...Azure's CDN unfortunately is somewhat limited in its options.
As to the 2nd, as was said in the other answer, it's not possible to use HTTPS with a custom domain name :/