Question

我有一个Azure应用程序网关，它有一个HTTP侦听器。现在，我想将http侦听器转换为https侦听器。我使用以下脚本来做到这一点。但这不起作用。

$appgw= Get-AzApplicationGateway -Name "AppGWname" -ResourceGroupName "RG Name"

#$listener= Get-AzApplicationGatewayHttpListener -Name listener1 -ApplicationGateway $appgw

$FEC= Get-AzApplicationGatewayFrontendIPConfig -Name "FrontendIP" -ApplicationGateway $appgw


Add-AzApplicationGatewayFrontendPort -ApplicationGateway $appgw -Name "Name of the Port" -Port 443 

$port = Get-AzApplicationGatewayFrontendPort -ApplicationGateway $appgw -Name "Name of Port"

$passwd = ConvertTo-SecureString  "Passoword" -AsPlainText -Force 


Add-AzApplicationGatewaySSLCertificate -Name "Name of the cert" -CertificateFile "Full path of the cert with.pfx" -Password $passwd -ApplicationGateway $appgw

$cert =Get-AzApplicationGatewaySSLCertificate -Name "Name of cert" -ApplicationGateway $appgw

Set-AzApplicationGatewayHttpListener -ApplicationGateway $appgw -Name "Name of the listener" -FrontendIPConfiguration $FEC -FrontendPort $port -Protocol Https -SslCertificate $cert

Answer 1

根据我的测试，运行上述PowerShell脚本后，需要运行命令Set-AzApplicationGateway。有关更多详细信息，请参阅Azure - Add http listener to existing ApplicationGateway through ps command。例如

Connect-AzAccount

$AppGWname ="stantest"
$groupName="stan"
$ipName="appGwPublicFrontendIp"
$portName="port_80"
$listenerName="test1"


$appgw= Get-AzApplicationGateway -Name $AppGWname -ResourceGroupName $groupName
$FEC= Get-AzApplicationGatewayFrontendIPConfig -Name $ipName -ApplicationGateway $appgw



Add-AzApplicationGatewayFrontendPort -ApplicationGateway $appgw -Name $portName -Port 80
$port =Get-AzApplicationGatewayFrontendPort -ApplicationGateway $appgw -Name $portName


Add-AzApplicationGatewayHttpListener -ApplicationGateway $appgw -Name $listenerName -FrontendIPConfiguration $FEC -FrontendPort $port -Protocol Http

Set-AzApplicationGateway -ApplicationGateway $appgw

Answer 2

有关使用SSL终结点配置应用程序网关或使用Portal或PowerShell进行端到端SSL的文档已有详细记录。参见下面的链接，

无法在应用程序网关中将http侦听器转换为https侦听器

2 个答案: