Root Certificates on Windows
I’m far from a PKI expert so I won’t be going into much detail as a lot of information around certificates can be found through a web search. I spent a considerable amount of time debugging an issue related to certificates and the trusted root store on Windows and I didn’t find much documentation discussing…
Exporting an App Service Certificate from Azure Key Vault to use elsewhere
Download the certificate from the Key Vault hosting the App Service Certificate. Double click on the exported PFX downloaded from Keyvault onto your Windows Machine. Navigate through the prompts on the screen, leaving the Password blank and marking the key as exportable Whever the cert was installed ie Personal store -> Right click on the…
Using MSI to call another Web/Function App
I see this question come up every so often around how to call another function or web app with MSI that is configured to use the built in Authentication. The steps to setting up the authentication and authorization can be found in steps 1-3 of this previous blog. The UX has since changed so I…
App Service Network Troubleshooting
My basic process behind debugging any sort of networking issue is to reduce the complexity of the issue and walk up the basic network stack. Often times we overlook a basic problem such as DNS resolution issues or the incorrect reference in code that can cause hours, days, or weeks going down a rabbit hole.…
The plight of the unrecognized IMEI
My parents arrived back from overseas with the international version of the Samsung S20. What we expected to be a simple process of going to ATT and activating the phones turned onto a 2 week long ordeal. What I’ve learned since is each phone has an IMEI number which is a unique number used to…
Azure Functions Access to Restricted Storage Accounts
With requirements for additional security, many customers have started enforcing network restrictions on their Azure storage accounts. This in turn can cause major issues with Azure Functions without the proper configuration, as Azure functions rely heavily on Azure storage for functionality. Background Azure storage There are two core concepts for Azure Functions related to Azure…
Troubleshooting Azure Functions
Troubleshooting Azure Function issues related to the host runtime can sometimes be cumbersome. Having worked in support for a number of years I’ve learned a couple useful tricks. Before we start understanding the behavior of each trigger type is very important. Here’s a previous blog that I use on a daily basis as my cheat…
Update ASE Cluster Settings without Azure Resource Explorer
Often customers using App Service Environment want to apply additional security features such as disabling TLS 1.0/1.1 or remove certain ciphers. In Azure Public you can use https://resources.azure.com to perform these actions. If you are working in any non-Azure Commercial clouds the existence of Azure Resource Explorer is not available. Here’s another programmatic method to…
Connecting to App Service’s Kudu endpoint programmatically
I recently worked on a case where a customer wanted to programmatically connect to Kudu. I’m not well versed in XML parsing (which Azure Powershell pulls for the publish profile) so I went the route of using the Azure CLI’s az rest command to pull the JSON publish profile and extracting the username and password.
TomEE with Azure Web Apps
I’m prefacing this that I am by no means a Java Developer or have a desire to become one :). This was a case related to configuring TomEE with Azure web apps. With IIS the httpPlatformHandler dynamically assigns a port to the process its communicating with (PHP, Nodejs, DotnetCore, Java, ect). Because of this the…
