I am having problems calling and HTTPS Rest Service on an application within the same VNet. I have created a number of Azure Functions that need to to communicate to a number of Web API using SSL on a separate VM. The application end point uses 3 certificates to authenticate and I have downloaded the public certificates, converted them to CRT format and added to the Azure Functioons.
When I make the call to the end point I get the following error. Can someone help please or advise what I may be doing wrong:
In terms of configuring Azure Functions I followed the following rules:
Private client certificate
A common use case is to configure your app as a client in a client-server model. If you secure your server with a private CA certificate, you will need to upload the client certificate to your app. The following instructions will load certificates to the truststore of the workers that your app is running on. If you load the certificate to one app, you can use it with your other apps in the same App Service plan without uploading the certificate again.
To upload the certificate to your app in your ASE:
Generate a .cer file for your certificate.
Go to the app that needs the certificate in the Azure portal
Go to SSL settings in the app. Click Upload Certificate. Select Public. Select Local Machine. Provide a name. Browse and select your.cer file. Select upload.
Copy the thumbprint.
Go to Application Settings. Create an App Setting WEBSITE_LOAD_ROOT_CERTIFICATES with the thumbprint as the value. If you have multiple certificates, you can put them in the same setting separated by commas and no whitespace like
84EC242A4EC7957817B8E48913E50953552DAFA6,6A5C65DC9247F762FE17BF8D4906E04FE6B31819
The certificate will be available by all the apps in the same app service plan as the app, which configured that setting. If you need it to be available for apps in a different App Service plan, you will need to repeat the App Setting operation in an app in that App Service plan. To check that the certificate is set, go to the Kudu console and issue the following command in the PowerShell debug console:
Thanks
Mike
