Document Details

Self Signed Certificates
Home / Scan 41 / Self Signed Certificates
This page contains Windows bias

About This Page

This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.
GitHub View on GitHub 📚 View on Microsoft Learn

Bias Analysis

Bias Types:
⚠️ windows_first
⚠️ windows_tools
⚠️ powershell_heavy
⚠️ missing_linux_example
Summary:
The documentation exhibits a moderate Windows bias. Windows and Windows-specific tools (IIS, PowerShell, Windows hosts file editing) are often mentioned first or exclusively, while Linux equivalents are less emphasized or omitted. The Azure PowerShell example is provided in detail, but there is no equivalent Azure CLI (cross-platform) example. References to editing the hosts file and importing certificates are Windows-centric, and the 'devx-track-azurepowershell' metadata further highlights a Windows/PowerShell focus.
Recommendations:
  • Provide Azure CLI examples alongside or before Azure PowerShell examples for certificate upload and Application Gateway configuration, as Azure CLI is cross-platform.
  • When referencing hosts file editing, include instructions or links for both Windows and Linux/macOS.
  • For web server configuration, ensure parity in detail and links for Apache, NGINX, and IIS, and avoid listing IIS first by default.
  • Mention OpenSSL installation instructions or package names for both Windows and Linux, not just a general statement.
  • Where screenshots or walkthroughs are provided for Windows tools (e.g., IIS), provide equivalent Linux examples (e.g., Apache/NGINX certificate import).
  • Review metadata and custom tags to ensure they do not signal a Windows/PowerShell-only focus if the content is intended to be cross-platform.
GitHub Create pull request

Scan History

Date Scan ID Status Bias Status
2025-07-12 23:44 #41 in_progress ❌ Biased
2025-07-12 00:58 #8 cancelled ✅ Clean
2025-07-10 05:06 #7 processing ✅ Clean
2025-07-09 23:22 #6 cancelled ✅ Clean

Flagged Code Snippets

## Add the trusted root certificate to the Application Gateway $gw=Get-AzApplicationGateway -Name appgwv2 -ResourceGroupName rgOne Add-AzApplicationGatewayTrustedRootCertificate ` -ApplicationGateway $gw ` -Name CustomCARoot ` -CertificateFile "C:\Users\surmb\Downloads\contoso.cer" $trustedroot = Get-AzApplicationGatewayTrustedRootCertificate ` -Name CustomCARoot ` -ApplicationGateway $gw ## Get the listener, backend pool and probe $listener = Get-AzApplicationGatewayHttpListener ` -Name basichttps ` -ApplicationGateway $gw $bepool = Get-AzApplicationGatewayBackendAddressPool ` -Name testbackendpool ` -ApplicationGateway $gw Add-AzApplicationGatewayProbeConfig ` -ApplicationGateway $gw ` -Name testprobe ` -Protocol Https ` -HostName "www.fabrikam.com" ` -Path "/" ` -Interval 15 ` -Timeout 20 ` -UnhealthyThreshold 3 $probe = Get-AzApplicationGatewayProbeConfig ` -Name testprobe ` -ApplicationGateway $gw ## Add the configuration to the HTTP Setting and don't forget to set the "hostname" field ## to the domain name of the server certificate as this will be set as the SNI header and ## will be used to verify the backend server's certificate. Note that TLS handshake will ## fail otherwise and might lead to backend servers being deemed as Unhealthy by the probes Add-AzApplicationGatewayBackendHttpSettings ` -ApplicationGateway $gw ` -Name testbackend ` -Port 443 ` -Protocol Https ` -Probe $probe ` -TrustedRootCertificate $trustedroot ` -CookieBasedAffinity Disabled ` -RequestTimeout 20 ` -HostName www.fabrikam.com ## Get the configuration and update the Application Gateway $backendhttp = Get-AzApplicationGatewayBackendHttpSettings ` -Name testbackend ` -ApplicationGateway $gw Add-AzApplicationGatewayRequestRoutingRule ` -ApplicationGateway $gw ` -Name testrule ` -RuleType Basic ` -BackendHttpSettings $backendhttp ` -HttpListener $listener ` -BackendAddressPool $bepool Set-AzApplicationGateway -ApplicationGateway $gw