Loading....
Lab
Cloud Vendor Microsoft Azure
Proficiency Level Cloud Enthusiast
Tags Application GatewayCertificatesLoad BalancerWeb Server

Summary

In this lab, you will configure HTTPS Listener in an Application Gateway in Microsoft Azure. You will upload a self-signed certificate to the Application Gateway and will disable the HTTP listener to allow only secure traffic.

Each exercise below builds upon the previous one. You should start each new exercise from the last step of the previous exercise unless it is explicitly written otherwise.

Learning Objectives

After completion of this lab, you will be able to:

  • Upload a self-signed certificate to an Application Gateway in Microsoft Azure
  • Configure and HTTPS Listener on the Application Gateway to enable secure Web traffic
  • Disable the HTTP Listener on the Application Gateway to avoid unsecured traffic

Prerequisites

To complete this lab, you will need the following:

Exercise #1: Add an HTTPS Listener in Azure Application Gateway

In this exercise, you will add an HTTPS Listener in the Application Gateway in Microsoft Azure.

Steps

  1. Sign into the Microsoft Azure Management Portal at http://portal.azure.com using your Microsoft Account
  2. Click on the button in the left-hand navigation
  3. Find the networkinglab01-rg and click on it
  4. From the list of resources in the networkinglab01-rg resource group, find the networkinglab01-ag Application Gateway and click on it
  5. Click on the button in the Application Gateway blade
  6. Click on the button on the top of the Listeners blade
  7. In the Add basic listener blade, fill in the following information in the form:
    Listener name: https-listener
    Frontend IP: Public
    Port: 443
    Protocol: HTTPS
  8. In the HTTPS Certificate section of the Add basic listener blade, fill in the following information:
    Choose a certificate: Upload a certificate
    PFX certificate file: Choose the self-signed certificate with PFX extension you have created in the Prerequisites
    Certificate name: [uour_name]-self-signed.key.pfx
    Password: Type the password for your certificate
  9. Click on the button
  10. Click on the button on the top of the blade
  11. Wait until the Application Gateway configuration is saved
  12.  Milestone step:  At this point, you have learned how to add an HTTPS Listener to the Application Gateway

Exercise #2: Configure an HTTPS Rule in Azure Application Gateway

In this exercise, you will configure an HTTPS Rule in the Application Gateway in Microsoft Azure.

Steps

  1. Click on the button in the Application Gateway blade
  2. Click on the button on the top of the Rules blade
  3. In the Add basic rule blade, fill in the following information in the form:
    Name: https-rule
    Listener: https-listener
    Backend pool: networkinglab01-ag-bepool
    HTTP setting: http-besetting
  4. Click on the button
  5. Wait until the Application Gateway configuration is saved
  6.  Milestone step:  At this point, you have learned how to add an HTTPS Rule to the Application Gateway

Exercise #3: Testing the HTTPS Configuration for Azure Application Gateway

In this exercise, you will test the HTTPS Rule and the certificate that you configured in the Application Gateway in Microsoft Azure.

Steps

  1. Click on the button in the Application Gateway blade
  2. Copy the Frontend public IP address from the Overview blade. You will use this IP address in the next step
  3. Open a new browser window and type the following in the address bar
    https://[application_gateway_ip_address]
  4. You will receive a Security Risk warning
  5. Click on the button
  6. Click on the View Certificate link
  7.  Milestone step:  You should see the information that you have typed during creation of the self-signed certificate
  8. Click on the button to close the pop-up window
  9. Click on the button to continue to the page
  10.  Milestone step:  At this point, you have learned how to test the HTTPS Rule and the certificate added to the Application Gateway

Exercise #4: Remove the HTTP Rule from Azure Application Gateway

In this exercise, you will remove the HTTP Rule the Application Gateway in Microsoft Azure to disable insecure traffic.

Steps

  1. Click on the button in the Application Gateway blade
  2. Click on the button next to the http-rule rule in the Rules blade
  3. Select Delete from the drop-down menu
  4. Wait until the Application Gateway configuration is saved
  5.  Milestone step:  At this point, you have learned how to remove the HTTP Rule from the Application Gateway

Exercise #5: Testing the HTTPS Configuration for Azure Application Gateway

In this exercise, you will test the HTTPS Rule and the certificate that you configured in the Application Gateway in Microsoft Azure.

Steps

  1. Click on the button in the Application Gateway blade
  2. Copy the Frontend public IP address from the Overview blade. You will use this IP address in the next step
  3. Open a new browser window and type the following in the address bar
    http://[application_gateway_ip_address]
  4. You will receive a time-out error from the browser
  5.  Milestone step:  At this point, you have learned how to test the removal of the HTTP Rule from the Application Gateway

 

Last Update: October 25, 2019  

October 22, 2019   179   Toddy Mladenov    Networking, Security And Compliance    
Total 0 Votes:
0

Tell us how can we improve this post?

+ = Verify Human or Spambot ?

Back To Top