Friday, February 21, 2025

Azure App Service Managed Cert Bindings

Recently we've been experiencing issues adding domain bindings to our app services that are hosted behind traffic manager.

Key Takeaways

  • Azure seriously struggles and often fails to attach app service bindings to the Traffic Manager instance that they sit behind.  This used to work fine, but recently started failing.  When we configure geo-redundant app services, host them behind a Traffic Manager that uses Performance routing, and then try to assign SSL bindings to the Traffic Manager hostname using App Managed Certs the process almost always fails (and takes a long time to do so). 
  • To get Traffic Manager bindings you must use Priority routing in Traffic Manager and you'll only then be able to apply bindings to the instance that is the top priority.  You must then cycle through each app service updating the bindings for each service when it's configured as the most prioritized route.
  • Custom Domain names work fine.  Bindings get applied just fine using TM Performance based route even with App Managed Certs.  These certs all get deployed quickly without issue.  This is the part that's a bit confusing and that Microsoft Support failed to explain.

Posted by at No comments:

Friday, February 18, 2022

Learnings as of February 2022

.NET 6.0 Overview

SameSite settings that broke our login page

https://devblogs.microsoft.com/dotnet/upcoming-samesite-cookie-changes-in-asp-net-and-asp-net-core/

Covid Standard Time

Covid Standard Time

Posted by at No comments:

Thursday, October 28, 2021

Latest as of 10/26/2021

Recently I've been working with the following:

Azure Managed Certificates

  • Azure Managed Certificates became GA in March of this year.  I've now used them across dozens of my personal and business services to bind to custom domain names and to Traffic Manger.  They're really handy.

Azure Resource Locking

  • Finally implemented Azure Resource Locking for all my team's resources.   On my old team the developers had limited permissions when it came to creating, editing, and deleting resources.  However, on my new team the developers have Contributor access so can accidentally or maliciously edit and delete resources.  I implemented Resource Locks in our pipelines to prevent accidental changes to our resources.   This helps me sleep at night.   Our automated pipelines could always re-deploy most resources.  However, there'd be downtime if Compute got deleted or broken and there'd much worse implications if our Data resources got deleted.

Azure DevOps Whitelisting ServiceTags

  • I also just implemented IP Whitelisting for Azure DevOps.  This used to be hard or impossible, but as of recently there are service tags for AzureDevOps.


Posted by at No comments:

Tuesday, June 15, 2021

Latest Happenings as of June 2021

 Azure B2C

  • Azure B2C is an Identity provider used by businesses to manage their customer accounts.  I've been using this at work now and having some fun learning some new tech.

Azure App Service Certificates

  • For a long time now SSL certificates have been available for free from LetsEncrypt.  Now they're free from Azure as well.  As of May 25, 2021 Azure App Managed Certificates are Generally Available.  I'm not using these for a variety of services and have used them to bind my applications to both custom domain names as wells as Azure host names for Traffic Manager.
Tools
Finds:
  • API Intersection Podcast: hosted by the folks at Stoplight, this podcast dives into best practices around API design.  It's fairly new and seems to include new episodes every Thursday.  Perfect for my summer lunch jogs.

Posted by at No comments:

Thursday, March 11, 2021

How to Link a Custom Domain to My Okta Tenant

 I have a developer tenant in Okta and would like to add a custom domain.  This should be possible, all I need is a few things:

  1. A Developer Okta tenant
  2. My own custom domain
  3. A certificate, which I will get by using Lets Encrypt

Read more »
Posted by at No comments:

Monday, October 12, 2020

Error retrieving certificates from Azure Key Vault

When retrieving certificates from Azure Key Vault I get the following error in my .NET Core 3.1 app service.  The file is read from the Key Vault just fine, but throws an exception when converting the secret to a x509 certificate:

Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException at Internal.Cryptography.Pal.StorePal.FromBlobOrFile

Read more »
Posted by at No comments:

Friday, April 24, 2020

VERY Slow Windows 10 Right Click

For a while now whenever I R-click in my Windows 10 File Explorer the system hangs for about 10 seconds and then finally responds.  I've cleaned out a few of the programs that show up in the context menu, but no luck.  I just found this article, which sounds promising.

https://www.raymond.cc/blog/fix-for-very-slow-or-hang-when-right-click-on-a-file-or-folder/

Awesome!! This worked.  Following these steps and running ShellXView to see the context menu programs was VERY eye opening.  There are about 40 programs using the context menu.  In my case it was TortoiseGit that was slowing me down.  Once I realized that it was the culprit, I uninstalled it (since I no longer need it) and now my life is 1000% times better.  R-click is lightning fast again. 
Posted by at 3 comments:
Subscribe to: Posts (Atom)