You have configured SSL for the connection between Azure Cloud Application Gateway and the servers in the backend pool. For the shipping portal, you need full end-to-end encryption. To do this, you’ll also need to encrypt the messages that the client sends to Application Gateway.
Create a frontend port
Application Gateway receives requests through one or more ports. If you’re communicating with the gateway over HTTPS, you should configure an SSL port. Traditionally, HTTPS uses port 443.
Use the az network application-gateway frontend-port create command to create a new frontend port. The following example shows how to create a frontend port for port 443:Read more
You want to implement end-to-end encryption for the shipping portal application. Encrypting all data between users and servers will help ensure that no unauthorized user can intercept and read the data.
In this unit, you’ll set up the web application and the application gateway. Next, you’ll create some self-signed SSL certificates and enable encryption in your backend pool to help secure the traffic from the application gateway to your servers.
The following image highlights the elements you’ll configure in this exercise. You’ll be setting up an application gateway by using Azure Application Gateway v2.
The back-end pool contains the servers that implement the application. Azure Application Gateway routes requests to these servers, and can load balance the traffic across these servers.
In the shipping portal, the application servers in the back-end pool must use SSL to encrypt the data that passes between Application Gateway and the servers in the back-end pool. Application Gateway uses an SSL certificate with a public key to encrypt the data. The servers use the corresponding private key to decrypt the data as it’s received. In this unit, you’ll see how to create the back-end pool and install the necessary certificates in Application Gateway to help protect the messages that are transmitted to and from the back-end pool.Read more
Encrypting your data while it’s in transit is an important step toward securing your applications. You can purchase certificates from a certificate authority and use them to encrypt the messages that pass in and out of your servers. This prevents unauthorized users from intercepting and examining the information in these messages while they’re being transmitted.
In the shipping portal, encryption is important because we’re dealing with shipping customer orders. If someone can access the transmitted data, they can view sensitive information, such as customer details or financial account data.Read more
Companies that build web apps commonly hire developers for different roles. Some developers create back-end, server-side logic. Others build client-side web apps. These developers often use different development languages and technologies.