Azure Hybrid connection error - Microsoft.Azure.Relay.AuthorizationFailedException - InvalidSignature

Question

I'm connecting an AWS EC2 SQL Database instance/server with an Azure Web app, using a Hybrid connection. It was working but had sporadic errors so I thought I'd delete the connection in Azure, re-create it, re-install Hybrid Connection Manager on the DB Server, and then reconnect it all.

So the recreated hybrid connection is identical to the old one, same names, same everything.

But now the Hybrid Connection Manager on the AWS DB Server shows as 'connected' but when I try to connect via the web app (or use Azure's diagnostics/check connection strings), then I get this error:

[Win32Exception (0x80004005): The specified network name is no longer available]

If I go into Genie in the actual Web App and ask her to analyse the Hybrid connection, then I get this error:

The App Service instance that was using the Hybrid Connection has encountered errors. The following errors were detected:

Exception Details Microsoft.Azure.Relay.AuthorizationFailedException InvalidSignature

On the AWS DB Server I can do a

Test-NetConnection -computer myservicebusname.servicebus.windows.net -Port 443

And that resolves and says it can connect.

I can't find this InvalidSignature error on internet searches so I'm at a bit of a loss how to fix it! Any ideas?

Answer 1

This error was due to an invalid DNS entry on a server in the AWS VPC that was resolving some internal domain names to the wrong IP. Do an nslookup [endpoint] on the machine the HCM is on to check this is being resolved correctly.

Also check there are no old references to the hybrid connections that you have missed - check the number of listeners for example and make sure it matches up - I had some old hanging references in random web apps that confused this issue.