2
我有一个现有的Azure云服务,它提供http和https端点。一切工作都很顺利。我最近被另一个组织要求在特殊端口上添加一个SSL端点以支持他们正在做的一些事情。所以,我在服务定义中添加了一个额外的端点并进行了重新部署。这里是我的csdef现在:Azure云服务的自定义端口号
<?xml version="1.0" encoding="utf-8"?>
<ServiceDefinition name="MyService" xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceDefinition" schemaVersion="2013-10.2.2">
<WebRole name="MyService.WebAPI" vmsize="Large">
<Sites>
<Site name="Web">
<Bindings>
<Binding name="Endpoint1" endpointName="NonSSL Endpoint" />
<Binding name="Endpoint2" endpointName="SSL Endpoint" />
<Binding name="Endpoint3" endpointName="SSL 5200" />
</Bindings>
</Site>
</Sites>
<LocalResources>
<LocalStorage name="localConfigStore" sizeInMB="1" />
</LocalResources>
<Endpoints>
<InputEndpoint name="NonSSL Endpoint" protocol="http" port="80" />
<InputEndpoint name="SSL Endpoint" protocol="https" port="443" certificate="mycert" />
<InternalEndpoint name="InternalHttpIn" protocol="http" />
<InputEndpoint name="SSL 5200" protocol="https" port="5200" certificate="mycert" />
</Endpoints>
<Imports>
<Import moduleName="Diagnostics" />
</Imports>
<ConfigurationSettings>
<Setting name="LocalStorageAccount" />
</ConfigurationSettings>
<Certificates>
<Certificate name="mycert" storeLocation="LocalMachine" storeName="My" />
</Certificates>
</WebRole>
</ServiceDefinition>
此部署罚款,我能够查询服务照常在端口80和443,但查询端口5200让我立即拒绝连接错误:
PS C:\Users\user> curl -k -v https://myservice.cloudapp.net:5200/api/health
* Hostname was NOT found in DNS cache
* Adding handle: conn: 0x4ae0a0
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x4ae0a0) send_pipe: 1, recv_pipe: 0
* Trying x.x.x.x...
* connect to x.x.x.x port 5200 failed: Connection refused
* Failed to connect to myservice.cloudapp.net port 5200: Connection refused
* Closing connection 0
curl: (7) Failed to connect to myservice.cloudapp.net port 5200: Connection refused
PS C:\Users\user>
如果我在Azure管理控制台中查看已部署的服务,则会看到所有三个端点,因此我认为我的配置中没有发生令人震惊的错误。是否还有其他事情需要我打开港口到外面的世界?还是Azure不允许的非标准端口?
如果从该端口删除SSL并转到http,会发生什么情况?你可以卷曲到其他端点吗? – trailmax
是的,我可以很好地打另外两个端点。我尝试将额外的端点切换到标准的http,它似乎工作,这不是我所期望的... – superstator