Hi @Andi Leka
Welcome to Microsoft Q&A platform and thanks for posting your question here.
The SSL connection issue you’re facing particularly the RemoteCertificateNameMismatch error, suggests that the hostname you’re using in your HttpClient request does not match the Common Name or Subject Alternative Name in the SSL certificate presented by the server. This issue when dealing with SSL/TLS certificates, especially in environments with reverse proxies like Cloudflare and NGINX.
When you configure HttpClient using HttpClientFactory, it’s crucial to ensure that the HttpClientHandler is set up to use the correct SSL settings. This includes specifying the server certificate validation callback if necessary.
The SSL certificate validation process involves checking whether the certificate is issued by a trusted Certificate Authority, whether it is not expired, and whether the hostname used in the request matches the CN or SAN in the certificate.
With Cloudflare and NGINX acting as reverse proxies, they might be presenting a different certificate than the one configured in Azure, leading to the name mismatch error.
If the call works for one Azure subscription but not the other, it’s possible that the SSL certificate configurations differ between the two environments, or there might be specific network or DNS settings in place that affect the SSL handshake process.
To resolve the issue, you can check the SSL certificates on both azure subscriptions and ensure they are correctly installed and configured. Ensure that the DNS settings are correctly pointing to the intended servers and that any CNAME records are correctly set up. If you’re using Cloudflare, check the SSL/TLS settings in the Cloudflare dashboard. For NGINX, review the SSL configuration to ensure its serving the correct certificate.
As a last resort, you can implement custom server certificate validation logic in your HttpClientHandler to handle specific cases like this, but it’s generally not recommended to bypass SSL validation as it can introduce security risks.
While the Microsoft documentation might not have a specific solution for SSL certificates related to Synapse, the general guidance on handling SSL issues in .NET applications should still apply.
Hope this helps. Do let us know if you any further queries.
If this answers your query, do click Accept Answer
and Yes
for was this answer helpful. And, if you have any further query do let us know.