A few days back, I had to update the Azure backend certificate for authentication in the Application Gateway, and I started noticing this error: "Backend server certificate is not whitelisted with Application Gateway." The other one, whose certificate is still valid and does not need renewal, is green. We initially faced an issue with the certificate on the backend server, which has since been sorted out by MS Support. To verify, you can use OpenSSL commands from any client and connect to the backend server by using the configured settings in the Application Gateway probe. If your cert is issued by an internal root CA, you would have to export the root cert and import it into the Trusted Root store on the client. The chain looks ok to me. To find out the reason, check OpenSSL diagnostics for the message associated with error code {errorCode}. The root certificate is a Base-64 encoded X.509 (.CER) format root certificate from the backend server certificates. If there's a custom DNS server configured on the virtual network, verify that the servers can resolve public domains. Solution: Depending on the backend server's response code, you can take the following steps. Here is the sample command you need to run from the machine that can connect to the backend server/application. A few of the common status codes are listed here: Or, if you think the response is legitimate and you want Application Gateway to accept other status codes as Healthy, you can create a custom probe. Now you have the authentication certificate/trusted root certificate in Base-64 encoded X.509 (.CER) format.
d. Otherwise, change the next hop to Internet, select Save, and verify the backend health. of the server certificate used by the backend does not match the trusted root certificate added to the application gateway. To learn more visit https://aka.ms/authcertificatemismatch" I have some questions in regards to application gateway and need help with the same: Allow the backend on the Application Gateway by uploading the root certificate of the server certificate used by the backend. Ensure that you add the correct root certificate to whitelist the backend. At the time of writing, the Application Gateway doesn't support uploading the certificates directly into Key Vault, hence extracting the string into .txt and dumping it in Key Vault Secrets.