0

I'm trying to run a blazor app in an webapp in azure but the database is in a local domain. So Azure hybrid connection is a good idea to get on the local domain. Due to some restrictions we cannot directly link to the database and chose to create an api in the local domain to do this for us. The communication between the azure webapp and the local api goes trough grpc-web. While it is working from my local machine to the server running the api in IIS calling the api from azure results in the following error:

Grpc.Core.RpcException: Status(StatusCode="Internal", Detail="Error starting gRPC call. HttpRequestException: An attempt was made to access a socket in a way forbidden by its access permissions. (:443) SocketException: An attempt was made to access a socket in a way forbidden by its access permissions.")

My question now is can I do a grpc-web call over a hybrid connection? Reading up on hybrid connections I found that it should support the communication between grpc calls.

In the hybrid connection manager it states that the connection is available and up. I can also tcpping to the machine running the api from azure.

thank you in advance.

Peter Csala
  • 17,736
  • 16
  • 35
  • 75
linmic
  • 139
  • 2
  • 10
  • Port 443 is a secure port. You may have a TLS issue. I would use a sniffer like wireshark or fiddler and compare the TLS version of working and non working. If you can't use sniffer on IIS then use a machine in the same subnetwork with sniffer installed. – jdweng Oct 19 '20 at 14:38
  • for testing purpuses i changed the servercertificatecustomvalidationcallback to always return true. could it be that although i set this the certificate could still be the problem? – linmic Oct 20 '20 at 06:14
  • I do not think it disables the check when a standard validation is used . Only will work when a custom validation is used. See : https://learn.microsoft.com/en-us/dotnet/api/system.net.servicepointmanager.servercertificatevalidationcallback?view=netcore-3.1 – jdweng Oct 20 '20 at 09:29
  • oke, i have disabled the httpsredirecting en removed de https bindings in iis however i do still get these errors only it shows nog port 80 instead of port 443. I think it is the combination of grpc-web and azure hybrid connection because rest calls do work without any problem on plain http – linmic Oct 20 '20 at 10:03
  • Looks like server works with both http (80) and https (443). You just haven't gotten the correct TLS version (or encryption mode) to use https. So your Core or lower level Kernel might not support TLS 1.2/1.3 or you are still using TLS 1.0/1.1 which is no longer supported. – jdweng Oct 20 '20 at 10:30
  • Were you ever able to figure out what the problem was? – WBuck Nov 24 '21 at 13:46

0 Answers0