uamqp on linux can't establish connection over web socket to the service when there's an Azure Fire wall.
Root cause:
azure-c-shared-utility uses OpenSSL when running on Linux, but uses SChannel when running on Windows. By default, OpenSSL does not send an SNI extension during the SSL handshake but Windows SChannel does. When using Application Rules, if the SNI is missing, Azure Firewall drops the packet. Below I’m showing a screen capture of the firewall rules:
Reproduce:
A Linux VM as an event producer or consumer.
Event Hubs SDK
Setup the Event Hub Python client to send request using AMQP over Web Sockets
Place the Azure Firewall service between the Linux VM and Event Hubs via a UDR
Use the Azure Firewall’s “Application Rules” to allow the FQDN for the event_hub_namespacename.servicebus.windows.net:443 endpoint.
Problem:
uamqp on linux can't establish connection over web socket to the service when there's an Azure Fire wall.
Root cause:
azure-c-shared-utility uses OpenSSL when running on Linux, but uses SChannel when running on Windows. By default, OpenSSL does not send an SNI extension during the SSL handshake but Windows SChannel does. When using Application Rules, if the SNI is missing, Azure Firewall drops the packet. Below I’m showing a screen capture of the firewall rules:
Reproduce:
Related issue and pr: