Azure: Free Public cert for a Lab

Recently I needed a free certificate for my Azure Lab. With StartSSL having stopped service in Jan 2018, there are still several options left. For example, Comodo gives a 90-day trial.

I decided to try the Let’s Encrypt service.

Since the service is free (donations are welcome), the process requires some work.

Luckily, I discovered a convenient tool developed by Sverrir Sigmundarson. It works in combination with the Let’s Encrypt API Web site.

There is a nice Video Manual at

The tool itself is available on Github:

At the end of the process you get a certificate signed by the Public CA. To bind a private key and convert to PFX, use the OpenSSL command:

openssl pkcs12 -export -in Cert_cert.crt -inkey domain.key -out cert.pfx

Azure: WEB Listener cannot be deleted on Azure Application Gateway

Recently I had a project where I needed to put an Azure App Service behind App Gateway.

The Customer also asked to create HTTP-HTTPS redirection for better end-user experience.

I created two listeners (for port 80 and 443) and two rules: one for traffic on port 443 to redirect to my backend pool and the second one for traffic on port 80 – to redirect to my 443 listener. Everything worked fine. We progressed with the project and at a certain time needed to remove the listeners.

From my previous experience I knew – you never delete rules first – delete the listener first. Since we did have a redirection, I deleted the port 80 listener first. Azure kindly deleted the associated rule. At least it disappeared :)

Next I tried to delete the 443 Listener and at that point got an error saying:

“Failed to save configuration changes to application gateway…. Error: Resource <Path to my 443 Listener> referenced by resource <Path to my HTTP-HTTPS redirection rule> was not found. Please make sure that the referenced resource exists and both resources are in the same region.”

Sounds weird, taking into consideration that I did not see the redirection rule in the GUI.

So I brought up Azure CLI (for some reason MS provided commands for the CLI, or maybe I just did not find those for PowerShell) and ran

az network application-gateway redirect-config show -g <resource group name> --gateway-name <gateway name> -n <rule name>

Sure enough, the rule was still there.

After that I ran

az network application-gateway redirect-config delete -g <resource group name> --gateway-name <gateway name> -n <rule name>

and this time the rule was deleted completely.

After that the remaining listener was deleted without problems.
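
An added example (not from the original post): a Python check over the gateway JSON from `az network application-gateway show -o json` that reports redirect configurations no routing rule uses, or whose target listener is gone, which is the hidden state described above. The sample gateway, its names and IDs are constructed; the field names are assumed to follow the Application Gateway resource JSON, and URL path maps are not inspected.

```python
import json

# Constructed sample: gateway state after the port-80 listener was deleted.
# Names and IDs are made up; fields are assumed to match `az ... show -o json`.
BASE = ("/subscriptions/0000/resourceGroups/lab-rg/providers"
        "/Microsoft.Network/applicationGateways/lab-gw")
SAMPLE = {
    "httpListeners": [{"name": "listener-443",
                       "id": BASE + "/httpListeners/listener-443"}],
    "requestRoutingRules": [{"name": "rule-443",
                             "id": BASE + "/requestRoutingRules/rule-443",
                             "httpListener": {"id": BASE + "/httpListeners/listener-443"}}],
    "redirectConfigurations": [{"name": "http-to-https",
                                "id": BASE + "/redirectConfigurations/http-to-https",
                                "targetListener": {"id": BASE + "/httpListeners/listener-443"}}],
}

def _ref(obj, key):
    """Lower-cased ID from a {"id": ...} sub-resource reference, or None."""
    ref = (obj or {}).get(key) or {}
    return ref.get("id", "").lower() or None

def find_stale_redirects(gateway):
    """List redirect configurations that no routing rule uses, or whose
    target listener no longer exists (resource IDs compare case-insensitively)."""
    gw = gateway.get("properties", gateway)  # raw ARM JSON nests under "properties"
    listeners = {l["id"].lower() for l in gw.get("httpListeners", [])}
    used = {_ref(r, "redirectConfiguration") for r in gw.get("requestRoutingRules", [])}
    findings = []
    for rc in gw.get("redirectConfigurations", []):
        target = _ref(rc, "targetListener")
        problems = []
        if rc["id"].lower() not in used:
            problems.append("not used by any routing rule")
        if target and target not in listeners:
            problems.append("target listener missing")
        if problems:
            findings.append({"name": rc["name"],
                             "target": target.rsplit("/", 1)[-1] if target else None,
                             "problems": problems})
    return findings

if __name__ == "__main__":
    # The redirect config still pins listener-443 although no rule shows it.
    print(json.dumps(find_stale_redirects(SAMPLE), indent=2))
```

Any name it reports is what goes into the `-n` argument of the `redirect-config delete` command before the listener itself is removed.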

Azure: Azure File Sync–registered servers are offline

I am working with the Azure File Sync service; it went GA last week, and I have a Customer who requires a scenario where AFS can fit.

I tested workgroup servers with AFS in my Lab and everything was OK. After that I decided to check ACL transfer for domain machines. So I brought up a DC and joined the servers to the domain. It was working and I successfully tested ACL transfer.

I finished the tests and stopped the VMs.

Today I started them back up and found my AFS Service shows both servers offline and the Server end-point Health is in an Error state. I tried to restart services, reboot, etc.; nothing helped. I tried to remove the endpoint – the task failed with a timeout. Finally I succeeded in unregistering one of the servers and re-installing the Storage Sync Client on it; rebooted and re-registered. It came back nice and green.

So I took a look at the dashboard and found the server name is changed to the FQDN for the fixed server, but is still a NetBIOS name for the server that is in the offline state.

I guess if the server name is changed, or a server is added to a domain, the AFS client should be reinstalled…