We have onpremise web service (asp.net core mvc) deployed on local network machine. We are trying to call these WEB API using App Service deployed on Azure. But it is giving time out error or Task was cancelled error in case when we try to connect it using “HTTP” Protocol. In case of “HTTPS” it is giving “security error occurred error“.
We have created Hybrid connection on Azure App Service to connect to onpremise web api service which shows online for both 80 and 443 port. We have setup Hybrid Connection Manager on local network machine too.
Below is the code snippet for calling code which is deployed on Azure App Service (e.g. https://xyz.azurewebsite.com)
try
{
var httpClient = new HttpClient();
httpClient.Timeout = TimeSpan.FromMinutes(60);
httpClient.BaseAddress = new Uri("https://onpremise");
httpClient.DefaultRequestHeaders.Accept.Clear();
httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;
ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true;
//Simple Get Request to test on-premise service
var response = await httpClient.GetStringAsync("api/OnPremiseData/GetData");
ViewBag.ResponseText = response;
}
Above code works fine in case I debug application from localhost. So there is no issue with code I assume.
Below is web api code snippet:
[Route("api/[controller]/[action]")]
public class OnPremiseDataController : Controller
{
[HttpGet]
public string GetData()
{
return "Success";
}
}
and below is startup.cs file
public void ConfigureServices(IServiceCollection services)
{
services.AddCors();
services.AddMvc();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
app.UseCors(options => options.WithOrigins("https://xyz.azurewebsite.com", "https://localhost:44310").AllowAnyMethod().AllowAnyHeader());
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseMvc();
}
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
We had similar scenario (WebApp and SQL on-premise) and the trick was to use fully qualified domain name of the endpoint in Hybrid Connection Manager on the on-premise machine.
Method 2
Below is the solution for above question. Basically I have solved 2 problem.
First is using FQDN (fully qualified domain name) I am able to connect to on-premise services. Please make sure you are using FQDN while configuring endpoint in Hybrid connection on Azure.
Second, using below line of code I am able to make secure HTTPS request ot on-premise server:
HttpMessageHandler handler = new HttpClientHandler
{
SslProtocols = System.Security.Authentication.SslProtocols.Tls12 | System.Security.Authentication.SslProtocols.Tls11 | System.Security.Authentication.SslProtocols.Tls,
ServerCertificateCustomValidationCallback = (sender, cert, chain, sslPolicyErrors) => true
};
Below is complete solution of above problem :
HttpMessageHandler handler = new HttpClientHandler
{
SslProtocols = System.Security.Authentication.SslProtocols.Tls12 | System.Security.Authentication.SslProtocols.Tls11 | System.Security.Authentication.SslProtocols.Tls,
ServerCertificateCustomValidationCallback = (sender, cert, chain, sslPolicyErrors) => true
};
var httpClient = new HttpClient(handler);
httpClient.Timeout = TimeSpan.FromMinutes(60);
httpClient.BaseAddress = new Uri("https://onpremise");
httpClient.DefaultRequestHeaders.Accept.Clear();
httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
//Simple Get Request to test on-premise service
var response = await httpClient.GetStringAsync("api/OnPremiseData/GetData");
ViewBag.ResponseText = response;
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0