I'm using Azure Storage Blobs and have Azure CDN in front of it serving static images and videos. I have been trying to get my website to use HTTP2 for a while now, but have run into issues with how Azure containerizes .NET Core applications on Linux machines. So, the website (using Kestrel), is only serving files over http/1.1 even if they're local files.
I thought that I could "offload" somethings by moving them to a storage blob container, then using Azure CDN. This article suggests that it should be available: https://learn.microsoft.com/en-us/azure/cdn/cdn-http2
Is there something else I need to configure within my CDN profile or the Storage account to enable http/2? Or is it because my server is serving it as http/1.1?
Thanks,
AJ
After some searching, I found a thread on Stack Overflow (sorry, on mobile and it's a pain to copy/paste links) about how some anti-virus softwares intercept requests to do SSL checking. Anyway, I use Bitdefender and when I went to Protection > Online Threat Prevention and disabled "Encrypted web scan" and then reloaded my domain, sure enough all traffic poured in over http2. I'm not sure why Bitdefender treated Akamai differently, but at least we know why now!
Related
I have hosted a static website in azure mainly by following the Microsoft tutorials. The process has been to create a storage account, create a CDN endpoint, map my custom domain to the endpoint and then enable HTTPS using an SSL certificate managed by azure.
The custom domain is working but the problem is firstly that although in Azure CDN it says that both HTTP and HTTPS are enabled, I can only access the website via HTTPS and when I try with HTTP the error I get says 'The account being accessed doesn't support HTTP'. The other thing is that in order to navigate to the secure site I have to put the entire URL in the search bar, starting with the https or the website can't be found. I'm not sure if this is normal but if I think of web browsing in general, this isn't usually necessary.
Any ideas on how to fix this would be greatly appreciated.
Default is that Azure only Allows HTTPS.
On App Service go to TLS/SSL settings and switch to HTTPS Only to Off.
On Storage Account go to Configuration and change Secure transfer
required to disabled.
My website and my domain are hosted on a different service provider from azure. I created a CNAME record and I have added my custom domain to the azure. So right now I can go to http://images.mysite.com/images/myimage.png. The image that loads comes from the blob storage from azure. However, if I try to do this via https, I get NET::ERR_CERT_COMMON_NAME_INVALID error.
I've been through many guides, and seen just about every setting in azure portal and I can't figure out how to import my ssl into azure so that this will work. I have a feeling it has to do something with Azure CDN option, which I don't have configured and don't want to pay extra just for this one feature. Can I do this without it somehow?
I've been through many guides, and seen just about every setting in
azure portal and I can't figure out how to import my ssl into azure so
that this will work.
Simple answer to your question is that it is not possible as of today. Azure Storage still doesn't support HTTPS with custom domain. You'll need to use CDN if you wish to use your SSL certificates to facilitate secure connection.
From https://learn.microsoft.com/en-us/azure/storage/blobs/storage-custom-domain-name:
Azure Storage does not yet natively support HTTPS with custom domains.
You can currently Use Azure CDN to access blobs by using custom
domains over HTTPS.
I am using Clickonce for deploying my WPF application and this is being done in Azure Blob storage. Since this is a custom URL it won't be white listed in many of the client machines and hence I mapped a custom domain for the same. I was able to access the HTML page and download the setup file but download of .application file is not being done as connection could not establish a trust relationship for the SSL/TLS secure channel.
Is there a way to overcome this? Can I map SSL certificates to my custom domain.
Taken from the documentation page:
Azure Storage does not yet natively support HTTPS with custom domains.
You can currently Use Azure CDN to access blobs by using custom
domains over HTTPS.
I'm trying to serve my cloud storage content using custom domain over https. Currently, I'm using Amazon S3 with CloudFront to deliver the content using custom domain over https. But S3 with CloudFront is costly, So I'm now searching for an alternative.
Is Azure or Google Cloud natively support to serve content using custom domain over https. Without using CDN?
At the moment, google cloud storage only support HTTP. As per documentation To serve your content through a custom domain over SSL, set up a load balancer, use a third-party Content Delivery Network with Cloud Storage, or serve your static website content from Firebase Hosting instead of Cloud Storage.
I was able to find this blog which might help you on the setup.
With that being said, if you are looking for functionality like this you may also try with App Engine, as by default, HTTPS connections on your custom domain will automatically be enabled using managed SSL certificates. You can visit this link for more details. Also, there is a there is a feature request submitted to support auto managed SSL with GCLB.
Is Azure or Google Cloud natively support to serve content using
custom domain over https. Without using CDN?
Azure allows you to map a custom domain to your blob storage endpoint. Using this, you can serve the content stored in blob storage using a custom domain. You can read more about it here: https://learn.microsoft.com/en-us/azure/storage/blobs/storage-custom-domain-name
However please note that this will not work over https. For https, you will need to use Azure CDN.
The OP's needs will be met by using Firebase as mentioned in passing by #KarthickN.
Firebase is a Google product which deploys your own domain name site automatically through SSL (https). You can first push your site onto one of the remote git repositories and use CI/CD for Firebase to deploy. You don't need to worry about CDN as firebase will use Google's global edge servers. Small usage is free then move onto paid plans as your needs grow plans
I answered a similar question here.
I have Windows 10 Azure VM and trying to play videos from CDN (vid.pluralsight.com), but it cannot connect to this cdn. Tried tracert to this cdn but it is timing out. this cdn is on http://www.cachefly.com/.
Anybody knows where to enable this?
ICMP is disabled on Azure VM's, so your tracert calls will timeout/fail (even with http/UDP supported packages). That being said, I would reach over to PluralSight support, it would be logic on their end in their CDN configurations denying access to certain IP's or ranges, or without proper auth tokens. They likely can assist you further. The issue does not appear to be with the CacheFly CDN because other CacheFly CDN enabled content is served appropriately on the Azure VMs I've tried (both Windows/ Linux). If you have a CacheFly account you should be able to pre-warm a few cache locations and pull those with url filters, etc. and see that you can expire content, get geo-cached items, etc.