After I was able to have HTTPS with a self-signed certificate on Application Gateway it was the time to redirect all HTTP communication to HTTPS. For that Microsoft offers only a PowerShell solution, you are not able to do that on the Portal. So in my life it was the first time I had to use PowerShell. Actually I was surprised. To write and test a PowerShell script for Azure is relative easy. But the way to get there is full of traps.
Microsoft does not offer PowerShell officially on the Azure Portal. Please tell me why? It has a kind of a bash shell. What a linux shell has to do on a Microsoft Cloud? Is it Linux based solution or what? I would not be surprised. But you can only have that shell if have storage mounted. And of course you have to pay for the storage. Clever isn’t it?
You can have a beta version of PowerShell if you request an access as a beta tester. So you have to find a WIndows desktop with PowerShell installed. Once you have found one install Azure PowerShell.
The documentation for that can be found here:
Please note that you cannot install it as a Module (Get-Module AzureRM) if you are behind a proxy. Or at least it will make you sweat. You can find an installer on the Azure download site:
When you are ready you can login easily typing
- Type your credentials.
- Change to the subscription you want to manage.
Finally there is a good Microsoft documentation on how to redirect the HTTP communication to HTTPS. You can find it here:
I had to modify a little bit since I had have some features already installed so here is my code:
# Get the application gateway $gw = Get-AzureRmApplicationGateway -Name devGateway -ResourceGroupName MyResourceGroupName # Get the existing HTTPS listener, because it had already exists $httpslistener = Get-AzureRmApplicationGatewayHttpListener -Name PathBaseListenerHTTPS -ApplicationGateway $gw # Get the HTTP listener, because it had already exists $listener = Get-AzureRmApplicationGatewayHttpListener -Name PathBasedListner -ApplicationGateway $gw # Add a redirection configuration using a permanent redirect and targeting the existing listener Add-AzureRmApplicationGatewayRedirectConfiguration -Name redirectHttptoHttps -RedirectType Permanent -TargetListener $httpslistener -IncludePath $true -IncludeQueryString $true -ApplicationGateway $gw # Get the redirect configuration $redirectconfig = Get-AzureRmApplicationGatewayRedirectConfiguration -Name redirectHttptoHttps -ApplicationGateway $gw # Add a new rule to handle the redirect and use the new listener Add-AzureRmApplicationGatewayRequestRoutingRule -Name rule02 -RuleType Basic -HttpListener $listener -RedirectConfiguration $redirectconfig -ApplicationGateway $gw # Update the application gateway Set-AzureRmApplicationGateway -ApplicationGateway $gw