question

MagnarWium-7538 avatar image
0 Votes"
MagnarWium-7538 asked ZeeshanAli-1276 edited

Why does cosmos allow me to use custom domains?

Hi,

I'm using private link with cosmos db in a hybrid environment where on-prem is paired with azue using express route gateway. I'm runing my own DNS-server on-prem.

In my quest for on-prem connectivity I tried to map the private ip of cosmos db to a public dns-zone azureservices.<my company>.com.

In my native this feels like a much simpler solution than the recomended approach of setting up a dns forwarder in azure

To my suprise this actually worked. I tested by replacing my custom domain in the connection string provided by azure and using it in the stadalone storage explorer. I able to browse collections, instert new documents etc.

I'ved traced the network traffic using wireshark I can see that storage explorer succesfully establish a tls channel with cosmos ( to the private ip held by the private link)

Can some one explain to me how this is possible? Should I not get an SSL error on the client side due to mistmatch in certificate host?

Is my approach a viable, and much simpler, solution to setting up a dns forwarder?


azure-virtual-networkazure-cosmos-dbazure-private-link
· 4
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@MagnarWium-7538

We are checking this and will get back to you,

Thanks
Navtej S

1 Vote 1 ·

@MagnarWium-7538 Just to let you know. We are actively looking into this and will get back to you soon with an update. Appreciate your patience in the meanwhile. Thank you!

0 Votes 0 ·

No worries @SaiKishor-MSFT . I appreciate you taking the time to look into this!

0 Votes 0 ·

Any update on this?

0 Votes 0 ·

0 Answers