How to fix error: SSL_ERROR_UNRECOGNIZED_NAME_ALERT while browsing a web app

pgaddam 151 Reputation points
2023-03-31T21:57:42.3533333+00:00

Hello there, I get the SSL_ERROR_UNRECOGNIZED_NAME_ALERT error when I browse a web app, although its cert and secret are valid.

When the certificate and passphrase are directly uploaded to application gateway listener the web app redirects properly and it works as expected.

As a security concern, I have uploaded the certificate to key vault, created a managed identity for application gateway and then assigned vault access policies of certificate management and secret management with (Get, List, etc.); after this, when I retrieve the certificate from key vault, I see the above error.

Any leads anyone please?

Thanks!


2 answers

  1. Givary-MSFT 35,131 Reputation points Microsoft Employee
    2023-04-11T08:36:45.3533333+00:00

    @pgaddam Thank you for reaching out to us. I researched this error, SSL_ERROR_UNRECOGNIZED_NAME_ALERT, and it seems to be a configuration issue with the Azure Application Gateway settings (I have added the tag for the same) so that this post gets visibility and we get more help from them.

    As per my knowledge, this error occurs when the application gateway resolves the key vault to a public IP; in my view, the Application Gateway VNet must be attached to the private DNS zone of the key vault endpoint.

    If the above suggestion doesn't help, please send us an email at azcommunity [at] microsoft [dot] com referencing this issue with a subject line "ATTN:Givary" along with your Azure subscription ID, and we will help you with a one-time free support option on this.

    2 people found this answer helpful.
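
One way to check the condition the answer above describes, as an added example that is not part of the thread or any Microsoft code: classify what a Key Vault hostname resolves to. `privatelink.vaultcore.azure.net` is Azure's Private Link DNS zone for Key Vault; the function names, verdict strings and the assumption that the VNet uses RFC 1918 address space belong to this example.

```python
import ipaddress
import socket
import sys

# Azure's Private Link DNS zone for Key Vault.
PRIVATELINK_ZONE = "privatelink.vaultcore.azure.net"
# Assumption: the VNet address space is RFC 1918.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_vnet_address(addr):
    """True if addr falls inside one of the RFC 1918 ranges."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)


def classify(names, addresses):
    """names: every name seen in the DNS answer (query, canonical, aliases).
    addresses: the IPv4 addresses returned for it."""
    if not addresses:
        return "unresolved"
    via_privatelink = any(
        n.lower().rstrip(".").endswith("." + PRIVATELINK_ZONE) for n in names)
    private = [is_vnet_address(a) for a in addresses]
    if all(private):
        return "private-endpoint"
    if any(private):
        return "mixed"
    # Public address. A privatelink CNAME in the chain means a private
    # endpoint exists but this resolver is not using the private DNS zone.
    return "public-private-zone-not-linked" if via_privatelink else "public"


def check(vault_host):
    """Resolve vault_host with the system resolver and classify the result."""
    try:
        canonical, aliases, addresses = socket.gethostbyname_ex(vault_host)
    except OSError:  # covers socket.gaierror and socket.herror
        return "unresolved"
    return classify([vault_host, canonical, *aliases], addresses)


if __name__ == "__main__":
    # Usage: python check_kv_dns.py <vault-name>.vault.azure.net
    print(check(sys.argv[1]))
```

Run it from a VM in the Application Gateway's VNet (or one using the same DNS servers), because the verdict depends on which resolver answers the query.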

  2. Ed Harris 25 Reputation points
    2023-04-01T16:03:04.0333333+00:00

    The error message you are seeing is related to SSL certificate validation. It seems that there is a problem with the certificate validation when you retrieve it from key vault.

    One possible reason for this error could be that the certificate is not properly installed on your application gateway. You can check if the certificate is properly installed by following these steps:

    1. Go to your application gateway’s listener settings.
    2. Check if the certificate is properly installed and selected for use.

    If the certificate is properly installed, then you may want to check if there are any issues with your key vault access policies or permissions. You can also try to retrieve the certificate manually from key vault using Azure CLI or PowerShell to see if there are any issues with your code.

    You can also refer to the below linked Microsoft documentation for more information on how to troubleshoot SSL errors in Azure Application Gateway.

    I hope this helps!

    https://learn.microsoft.com/en-us/azure/application-gateway/disabled-listeners
