Azure service management api 403 forbidden when use network proxy

0
votes

I did a console application to manage the azure server using the azure service management rest API. And I followed the instructions from http://msdn.microsoft.com/en-us/library/windowsazure/gg651127.aspx to create certificate, upload to azure under subscription level. import to local My(personal) folder. everything works well. I can get the hosted services. create new host service.

but when I used a web proxy on my machine. the response always be 403 Forbidden. I tried to set the proxy in HttpWebRequest, but still the same error.

Also, I run this console application in a aws EC2 and have the same 403 Forbidden error(maybe EC2 also use proxy?).

Suppose the proxy server should forward the web request to azure management rest API server with the certificate, but I guess it's not. someone told me maybe this certificate only self generated and not valid. so the proxy server refused it. not sure if that is the cause.

1
azurehttp-status-code-403azure-api-management
Can you check the request headers using Fiddler?Alex Filipovici
Hi Alex,the console app works if I don't use network proxy on my machine. so I think the request should be correct.forrest wang
Could you post a sample of the request headers?Alex Filipovici
Have you tried using a different proxy?Alex Filipovici
What's the name of the proxy server you're using?Gaurav Mantri

1 Answers

0
votes

Azure Management APIs require signed headers. Some proxies makes changes (add/modify) header tags which would then invalidate the signature and cause the 403.

w.r.t. EC2 - did you install your management certificate on the VM? Without it the request will fail with a 403.

One of the suggestions is to use Fiddler to compare the request before & after the proxy. That will tell you what (if anything) is changing.