I have deployed a Service Fabric cluster (not managed) using the certificate common names:

    "properties": {
      "certificateCommonNames": {
        "commonNames": [
          {
            "certificateCommonName": "[parameters('clusterCertificateCommonName')]",
            "certificateIssuerThumbprint": ""
          }
        ],
        "x509StoreName": "[parameters('certificateStoreValue')]"
      },
      "clientCertificateCommonNames": [
        {
          "isAdmin": true,
          "certificateCommonName": "[parameters('clientCertificateCommonName')]"
        }
      ],

    Write-Host "Get Service Fabric certificate from KeyVault"
    az keyvault certificate download --vault-name $KeyVaultName --name $CertificateName --file cert.pem --encoding PEM
    Write-Host "Get certificate content from cert.pem"
    $certContent = Get-Content -Path cert.pem
    Write-Host "Save the content in local share folder as cert.crt"
    $certContent | Add-Content -Path /usr/local/share/ca-certificates/cert.crt
    Write-Host "Run updates on certificates to import the new certificate"
    bash -c "update-ca-certificates"

    # Import ./cert.pfx (empty password) into the CurrentUser\My certificate store
    $StoreName = [System.Security.Cryptography.X509Certificates.StoreName]::My
    $StoreLocation = [System.Security.Cryptography.X509Certificates.StoreLocation]::CurrentUser
    $Store = [System.Security.Cryptography.X509Certificates.X509Store]::new($StoreName, $StoreLocation)
    $Flag = [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::Exportable
    $Certificate = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new("./cert.pfx", "", $Flag)
    $Store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite)
    $Store.Add($Certificate)
    $Store.Close()

    # Connect to the cluster, selecting the client certificate from CurrentUser\My by subject name
    Connect-SFCluster -ConnectionEndpoint $connectionEndpoint -X509Credential -StoreLocation 'CurrentUser' -StoreName 'My' -ServerCommonName $CertificateCommonName -FindType 'FindBySubjectName' -FindValue $CertificateCommonName -ClientTimeout 1800

    Microsoft.ServiceFabric.Client.Exceptions.ServiceFabricRequestException: Connection timed out (bapsa1f62fccluster.eastus.cloudapp.azure.com:19080)
     ---> System.Net.Http.HttpRequestException: Connection timed out (bapsa1f62fccluster.eastus.cloudapp.azure.com:19080)
     ---> System.Net.Sockets.SocketException (110): Connection timed out
       at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.ThrowException(SocketError error, CancellationToken cancellationToken)
       at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.System.Threading.Tasks.Sources.IValueTaskSource.GetResult(Int16 token)
       at System.Net.Sockets.Socket.<ConnectAsync>g__WaitForConnectWithCancellation|277_0(AwaitableSocketAsyncEventArgs saea, ValueTask connectTask, CancellationToken cancellationToken)
       at System.Net.Http.HttpConnectionPool.ConnectToTcpHostAsync(String host, Int32 port, HttpRequestMessage initialRequest, Boolean async, CancellationToken cancellationToken)
       --- End of inner exception stack trace ---
       at System.Net.Http.HttpConnectionPool.ConnectToTcpHostAsync(String host, Int32 port, HttpRequestMessage initialRequest, Boolean async, CancellationToken cancellationToken)
       at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
       at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
       at System.Net.Http.HttpConnectionPool.AddHttp11ConnectionAsync(HttpRequestMessage request)
       at System.Threading.Tasks.TaskCompletionSourceWithCancellation`1.WaitWithCancellationAsync(CancellationToken cancellationToken)
       at System.Net.Http.HttpConnectionPool.GetHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
       at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken)
       at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
       at System.Net.Http.HttpClient.<SendAsync>g__Core|83_0(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationTokenSource cts, Boolean disposeCts, CancellationTokenSource pendingRequestsCts, CancellationToken originalCancellationToken)
       at Microsoft.ServiceFabric.Client.Http.ServiceFabricHttpClient.SendAsyncHandleSecurityExceptions(Func`1 requestFunc, String clientRequestId, CancellationToken cancellationToken)
       --- End of inner exception stack trace ---
       at Microsoft.ServiceFabric.Client.Http.ServiceFabricHttpClient.SendAsyncHandleSecurityExceptions(Func`1 requestFunc, String clientRequestId, CancellationToken cancellationToken)
       at Microsoft.ServiceFabric.Client.Http.ServiceFabricHttpClient.SendAsyncHandleUnsuccessfulResponse(Func`1 requestFunc, Uri requestUri, String clientRequestId, CancellationToken cancellationToken)
       at Microsoft.ServiceFabric.Client.Http.ServiceFabricHttpClient.SendAsyncGetResponse[T](Func`1 requestFunc, String relativeUri, Func`2 deserializeFunc, String requestId, CancellationToken cancellationToken)
       at Microsoft.ServiceFabric.Powershell.Http.ConnectClusterCmdlet.ProcessRecordInternal()
       at Microsoft.ServiceFabric.Powershell.Http.CommonCmdletBase.ProcessRecord()

Does anyone know about this issue? I can connect to the cluster from a Windows machine.