As mentioned in the title above I have a cloudservice with a WebRole that runs a web app www.myappname.com. I have taken all necessary steps to enable serving of CDN content from my app using url rewrite module on IIS. This works fine but:
The requests coming in from CDN are forwarded to .cloudapp.net instead of my custom hostname binding. I cannot find any place to change this in my configuration. When I create a new CDN endpoint my options for setting the ORIGIN DOMAIN are limited to my cloud service endpoints
Say I got a custom domain name for my cloud service CDN endpoint (ex. static.appnamecdn.com). What happens when I make request with https? I don't see any place to register the "static.appnamecdn.com" 's ssl certificate. Isn't something like this required?
From the help icon on the Create CDN Endpoint screen (Azure Management Portal) I got my answer to the second point above:
If you choose to enable HTTPS for your CDN endpoint, keep in mind the
following points:
You must use the certificate provided by the CDN. Third party certificates are not supported.
You must use the CDN domain to access content. HTTPS support is not available for custom domain names (CNAMEs) since the CDN does
not support custom certificates at this time.
HTTPS is from the CDN to the client only. Requests from the CDN to the content provider (Storage Account or hosted service) are
still made using HTTP.
Regarding your first question, I don't think that is possible...Azure's CDN unfortunately is somewhat limited in its options.
As to the 2nd, as was said in the other answer, it's not possible to use HTTPS with a custom domain name :/
Related
I have hosted a static website in azure mainly by following the Microsoft tutorials. The process has been to create a storage account, create a CDN endpoint, map my custom domain to the endpoint and then enable HTTPS using an SSL certificate managed by azure.
The custom domain is working but the problem is firstly that although in Azure CDN it says that both HTTP and HTTPS are enabled, I can only access the website via HTTPS and when I try with HTTP the error I get says 'The account being accessed doesn't support HTTP'. The other thing is that in order to navigate to the secure site I have to put the entire URL in the search bar, starting with the https or the website can't be found. I'm not sure if this is normal but if I think of web browsing in general, this isn't usually necessary.
Any ideas on how to fix this would be greatly appreciated.
Default is that Azure only Allows HTTPS.
On App Service go to TLS/SSL settings and switch to HTTPS Only to Off.
On Storage Account go to Configuration and change Secure transfer
required to disabled.
My website and my domain are hosted on a different service provider from azure. I created a CNAME record and I have added my custom domain to the azure. So right now I can go to http://images.mysite.com/images/myimage.png. The image that loads comes from the blob storage from azure. However, if I try to do this via https, I get NET::ERR_CERT_COMMON_NAME_INVALID error.
I've been through many guides, and seen just about every setting in azure portal and I can't figure out how to import my ssl into azure so that this will work. I have a feeling it has to do something with Azure CDN option, which I don't have configured and don't want to pay extra just for this one feature. Can I do this without it somehow?
I've been through many guides, and seen just about every setting in
azure portal and I can't figure out how to import my ssl into azure so
that this will work.
Simple answer to your question is that it is not possible as of today. Azure Storage still doesn't support HTTPS with custom domain. You'll need to use CDN if you wish to use your SSL certificates to facilitate secure connection.
From https://learn.microsoft.com/en-us/azure/storage/blobs/storage-custom-domain-name:
Azure Storage does not yet natively support HTTPS with custom domains.
You can currently Use Azure CDN to access blobs by using custom
domains over HTTPS.
I have a static website hosted in a storage account, and i want to be able to manage the request/response headers. I found some sources about people that used Function App Proxy as a workaround. And it all works well. But i am using Azure CDN to cache the website and deliver it. So i tried to create a CDN endpoint, using custom origin, and connect it to the Function App Proxy. But the CDN is not able to pull and cache the content. Any idea if this anyhow is possible to work? I definitely need the CDN in front of the website, in order to achieve better performance.
I have an Azure Media Service set up with a Premium subscription. I made an Android app which uses VideoView player and requests the multi-bitrate video files over HTTPS using the following format for asset links:
https://example.streaming.mediaservices.windows.net/c2234567-be1a-123c-ca25-e90bfca246da/1227_e3337f7-35ac-43e0-b55c-223e3333662.ism/QualityLevels(421811)/Manifest(video,format=m3u8-aapl)
Until now, I had CDN integration disabled. This worked fine and I never had issues using HTTPS.
However, now I want to enable CDN integration with default settings. When this feature is enabled, it automatically attaches the media service subdomain as a custom domain under the CDN (in this case example.streaming.mediaservices.windows.net). From what I understand, this means I should be able to continue making requests from my Android app to the same URLs as before, except now it will direct those requests to the CDN instead of the media service.
However, what I'm not sure of is whether or not I'll still be able to call those URLs over HTTPS. I see that Azure has a feature for Custom Domains with HTTPS in the works but it doesn't appear to be available yet.
So does the ability to call media service asset URLs over HTTPS carry over after CDN integration, and especially if I'm using the default media service subdomain as my custom domain?
If not, what will happen to the HTTPS calls? Will they receive no response or will they just bypass the CDN?
you should have no issues using HTTPS on CDN enabled Media Services Endpoints.
The Custom Domain HTTPS primarily refers to vanity urls like "blizz.com", which is not currently supported.
I'm building an ASP.NET MVC website to be hosted as a shared Azure website with custom domain name.
For the backend portion of the site (for specific users only) I need a login form and from that point on all traffic should be SSL encrypted. However I don't have a custom certificate and would like to avoid that extra cost.
I noticed that free websites already serve over HTTPS with a wildcard certificate for *.azurewbesites.net. Is that "free" azurewebsites.net-address also available for shared websites with custom domain(s) so I can simply redirect all "pages" that require authentication via the https://xyz.azurewebsites.net address? I'm aware that would be a cross-domain redirect which is visible to the end-user but that is not an issue since it's only a select group of users...
Yes, using the *.azurewebsites.net domain is your only option to have HTTPS without extra cost. The domain is always available, even if you use a custom domain, because it's used for a few additional services (like your repo, remote console, ...).