August 30, 2018
Posted by on
Recently I needed a free certificate for my Azure Lab. With StartSSL stopped service since Jan 2018 there are still several options left. For example Comodo gives a 90-days trial.
I decided to try Let’s Encrypt service.
Since the service is free (donates are welcome) the process requires some work.
Luckely, I discovered a convenient tool developed by Sverrir Sigmundarson. It work in combination with Let’s Encrypt API Web site https://gethttpsforfree.com/
There is a nice Video Manual at https://www.youtube.com/watch?v=CzbZKrYo7HA
The tool itself is available on Github: https://github.com/sverrirs/GetHttpsForFree-UI
At the end of the process you get a certificate signed by the Public CA. to bind a private key and convert to PFX use OpenSSL command:
openssl pkcs12 -export -in Cert_cert.crt -inkey domain.key -out cert.pfx
August 23, 2018
Posted by on
Recently I had a project where I needed to put an Azure App Service behind App Gateway.
The Customer also asked to create HTTP-HTTPS redirection for better and-user experience.
I created two listeners (for port 80 and 443) and two rules: one for traffic on port 443 to redirect to my backend pool and the second one for traffic on port 80 – to redirect to my 443 listener. Everything worked fine. We progressed with the project and at a certain time needed to remove the listeners.
From my previous experience I knew – you never delete rules first – delete the listener first. Since we did have a redirection I deleted port 80 listener first. Azure kindly deleted associated rule. At least it is disappeared
Next I tried to delete 443 Listener and at that point got an error saying:
“Failed to save configuration changes to application gateway…. Error: Resource <Path to my 443 Listener> referenced by resource <Path to my HTTP-HTTPS redirection rule> was not found. Please make sure that the referenced resource exists and both resources are in the same region.”
Sounds weird taking in consideration I did not see the redirection rule in GUI.
So I brought Azure CLI (for some reasons MS provided commands for CLI, or maybe I just did not find those for PowerShell) and run
az network application-gateway redirect-config show -g <resource group name> –gateway-name <gateway name>
sure enough the rule was still there.
after that I run
az network application-gateway redirect-config delete –g <resource group name> –gateway-name <gateway name> –n <rule name>
and this time the rule was deleted completely.
After that the remaining listener was deleted without problems.
August 2, 2018
Posted by on
I am working with Azure File Sync service, it is GA last week and I have a Customer who requires a scenario where AFS can fit.
I tested workgroup servers with AFS in my Lab and everything was ok. After that I decided to check ACL transfer for domain machines. So I brought a DC and joined the servers to the domain. It was working and I successfully tested ACL transfer .
I finished tests, stopped VMs.
Today I started them back and found my AFS Service shows both servers offline and Server end-point Health is in Error state. I tried to restart services, reboot etc.. nothing helped. I tried to remove endpoint – the task failed with time out. Finally I succeeded to unregister one of servers and re-install Storage Sync Client on it; rebooted and re-register. It came back nice and green.
So took a look at the dashboard and found the server name is changed to FQDN for the fixed server, but still a NETBIOS for the server who is offline state.
I guess if the server name changed, or a server is added to a domain the AFS client should be reinstalled…