2
votes

I have an Azure App Service with HTTPS only enabled and Azure Active Directory as the way to authenticate to the service.

I am planning to geo-locate my App Service in a second region, but at the moment I am trying to test that Azure Traffic Manager works with my current site. However, there are a few things that are confusing me:

  1. When I created the ATM, the DNS name was HTTP and not HTTPS. It seems there is no option to have a DNS name with HTTP.
  2. After I added the endpoint, I tried to navigate to the URL http://foo.trafficmanager.net and it redirects to https://foo.trafficmanager.net/ and shows the following error: "This site is not secure." It seems there is a certificate error. Why is it rerouting automatically to HTTPS now?

Is there any step-by-step documentation for configuring ATM? I am not interested in purchasing a domain; I am totally fine with https://foo.trafficmanager.net/ as my URL as long as the connection is secure all the time.

1 Answer

2
votes

Azure Traffic Manager supports probing both over HTTPS and HTTP. For HTTPS:

  • Server-side certificates are not validated
  • SNI server-side certificates are not supported
  • Client certificates are not supported

For more details, take a look at the FAQs and Traffic Manager endpoint monitoring.

With HTTPS, the monitoring port should change from 80 to 443, and your monitoring path should also point to a valid page for your service.

Update

There is the question of how Azure Traffic Manager works. For more details, see What is Traffic Manager.

Azure Traffic Manager is a DNS-based traffic load balancer that enables you to distribute traffic optimally to services across global Azure regions while providing high availability and responsiveness.

The DNS of Traffic Manager itself just uses the HTTP protocol, but it can probe both HTTP and HTTPS. All the HTTPS for your application is just set in your Web App Service.

Hope this will help you.
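
Why the browser reports a certificate error on the trafficmanager.net name, as an added illustration that is not part of the original question or answer: Traffic Manager only answers DNS, so the TLS handshake is with the App Service, and the client checks the certificate against the name it requested. The host names, the CNAME mapping and the helper functions are constructed, and the SAN list assumes the App Service presents its default wildcard certificate.

```python
# Added illustration (not from the original answer). Host names are constructed.
# Assumption: the App Service presents its default wildcard certificate.
APP_SERVICE_SANS = ["*.azurewebsites.net"]

# Constructed DNS view: Traffic Manager answers with a CNAME to the endpoint.
CNAME = {"foo.trafficmanager.net": "myapp.azurewebsites.net"}


def san_matches(pattern: str, hostname: str) -> bool:
    """RFC 6125-style match: '*' may replace only the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h) or "" in h:
        return False
    if p[0] == "*":
        # A wildcard covers exactly one label and needs a real parent domain.
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h


def resolve_endpoint(hostname: str) -> str:
    """Follow the constructed CNAME chain to the host that terminates TLS."""
    seen = set()
    while hostname in CNAME and hostname not in seen:
        seen.add(hostname)
        hostname = CNAME[hostname]
    return hostname


def browser_accepts(requested: str, sans: list[str]) -> bool:
    """The client validates against the name it requested, never the CNAME target."""
    return any(san_matches(s, requested) for s in sans)


def diagnose(requested: str) -> str:
    """Report whether the endpoint's certificate covers the requested name."""
    endpoint = resolve_endpoint(requested)
    if browser_accepts(requested, APP_SERVICE_SANS):
        return f"{requested}: certificate name OK (served by {endpoint})"
    return (f"{requested}: name mismatch, {endpoint} presents "
            f"{APP_SERVICE_SANS} which does not cover the requested name")


if __name__ == "__main__":
    for host in ("myapp.azurewebsites.net", "foo.trafficmanager.net"):
        print(diagnose(host))
```

A secure connection on a Traffic Manager name therefore depends on the endpoint serving a certificate whose subject alternative names include the exact host name the client uses.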