AD CS Connector - Azure Application Gateway as the load balancer

MMTechno
New Contributor II

Hi Everyone.

 

We set up our AD CS to issue certs for our devices in the DMZ as per documentation and all is working fine.

We now have a requirement to not use that configuration; however, we need to use Azure Application Gateway as the load balancer solution. Has anyone achieved this?

We have been testing and we had to create a brand new certificate through our PKI infra; however, we are getting nowhere. The only encouraging thing is that we see the request hitting the load balancer, and it also registers in IIS; however, it seems empty. I am sure there is something going on with the certs there, but I can't for the life of me pinpoint where the issue is.

AD CS is obviously creating self-signed certs, and if we use those certs there is no Root CA for the leaf, so it fails on the back end.

Any insights on how to recreate those certs? Technically it should be possible to make it work, is this correct?

Thank you.
