azure private endponit and private dns zone not working on different subscription?

thanakrit rungchatkamol 1 Reputation point
2024-12-13T04:00:14.61+00:00

Hi All,

I have issue about all azure service disable public access and enable private endpoint access only. I've 2 subscription, i deploy azure services for support ai search solution on subscriton A as spoke network and subscription B as Hub network connectivity service deployment. in subscription A and i has enable private endpoint on those services such as Web app, MySQL, AI Search and etc.

but when enabled private endpoint and disable public access for all services. i get error massage "Error Status: 400 : E1-D0038:Exception while generating response stream: Cannot connect to host xxxx.privatelink.search.windows.net:443 ssl:True [SSLCertVerificationError: (1, "[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: Hostname mismatch, certificate is not valid for 'xxxx.privatelink.search.windows.net'. (_ssl.c:1007)")]"

what's wrong configuration? Private DNS zone deploy on subscription B but azure service for support all ai solution deploy on subscription A including virtual network (Vnet peering form subscription A to subscription B already)

error message like can't resolve DNS because we use Private DNS zone and Private Endpoint in different subscription? How should I fix this?

BR,

Thanakrit

Azure AI Search
Azure AI Search
An Azure search service with built-in artificial intelligence capabilities that enrich information to help identify and explore relevant content at scale.
1,118 questions
Azure Database for MySQL
Azure Database for MySQL
An Azure managed MySQL database service for app development and deployment.
874 questions
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.