When I tried to configure a a URL into the ALLOWED EXTERNAL REDIRECT URLS text box, as shown in Figure 1, I received the following error. Failed to save Auth Settings for authenticated App: {"Code":"Conflict","Message":"Cannot update the site ‘******’ because Authentication / Authorization was configured with an invalid external redirect URL ‘***.***.***.***’. All configured URLs […]
Read More →Tags: Security
How to see the cipher suites on an Azure App Service
I wrote an article here about TLS 1.2 which listed out the cipher suite used to negotiate security settings (encryption) between a client and server via a Network Monitor trace. You can probably see the same using Wireshark. Regardless, here is a nice Wiki article about cipher suites. It was a journey getting to the […]
Read More →Azure Functions Access-Control-Allow-Credentials with CORS
There is a known issue documented on GitHub here with a title of Cross origin http request CORS fails with response header missing ‘Access-Control-Allow-Credentials: true’. Although the issue described and a solution provided, I thought I would write up what I did as I use C# and didn’t see any examples of that, so here […]
Read More →How to disable TLS 1.0 on an Azure App Service Web App
UPDATE as of 17-APR-2018 you can, read about that here. Short answer is, prior to 17-APR-2018, that you couldn’t. (see alternative solution below) The reason is that when you deploy an Azure App Service it goes into a multi-tenant scale unit. A scale unit looks something like Figure 1, which I stole from here. Also, […]
Read More →How to create a self-signed SAN certificate, wildcard certificate vs SAN
I have some domain names that I use for testing out Azure features, write some blogs and other fun stuff. I find myself needing, wanting to use HTTPS and using the instructions I wrote some time ago, see below, to create the certificate is long and tedious. I had an epiphany which lead me to […]
Read More →Set or change an Azure App Service file or folder permission
I was using FileZilla to try to change the file permissions and I got this error: Status: Setting permissions of ‘/site/wwwroot/index.html’ to ‘644’ Command: SITE CHMOD 644 index.html Response: 500 ‘SITE’: command not understood Status: Setting permissions of ‘/site/wwwroot/index.html’ to ‘755’ Command: SITE CHMOD 755 index.html Response: 500 ‘SITE’: command not understood Then I started […]
Read More →Machine Keys on an Azure App Service, machineKey multiple instances Azure
When you run an ASP.NET application on multiple instances of an App Service Plan (ASP) you do not need to worry about machineKeys as the App Service Platform will use the same one across all your instances and therefore will not need to make any changes to your application. I found this sample code and […]
Read More →Scan your App Service for vulnerabilities
A recent feature deployed for App Services (Web App, Mobile App, API App or Logic App) is a tool that can scan your App Service for vulnerabilities, announced here. Once you have signed up, you will see a link to your management console similar to that shown in Figure 1. Figure 1, check your App […]
Read More →Make a self-signed SHA256 SSL certificate
I wrote an article about making an SSL certificate using MAKECERT here, but that example used the default SHA1 signature hash algorithm which is deprecating. Therefore, instead of the command shown in Figure 6 on the referenced article, I recommend using this command, that includes the SHA256 attribute, similar to that shown in Figure 1: […]
Read More →Configure Application Request Routing with Windows Authentication, Kerberos
If you have not already read this article, please do which is a prequel to this one that explains the basic installation and configuration of ARR using anonymous authentication. The steps for configuring Application Request Routing (ARR) to use Windows Authentication -> Kerberos, are: Set authentication protocol on IIS (Server Farm) servers to Windows Authentication […]
Read More →