I am looking into using a Service Fabric cluster for a service with a public API. When creating a Service Fabric cluster, I have the ability to choose either secured mode and use a certificate, or use unsecured mode.
In unsecured mode, anyone can call the API, which is what I want. However, it also means that anyone can go to the management page at *northeurope.cloudapp.azure.com:19080 and do anything, which is obviously not OK.
I tried using the secure mode with a certificate, and this prevents anyone without the certificate from using the management page, but also seems to prevent anyone calling the API.
Am I missing something simple? How do I keep the management side of the cluster secured, while making the API public so that anyone can call it?
Edit: After looking more carefully, it seems to me that the intended behaviour is that, as I've configured a custom endpoint when setting up the cluster, I should be able to call the service. So I believe it may just be an error in my code.