I've been able to get this to work locally using the following Settings.xml file.
<Section Name="ReplicatorSecurityConfig">
  <Parameter Name="CredentialType" Value="X509" />
  <Parameter Name="FindType" Value="FindByThumbprint" />
  <Parameter Name="FindValue" Value="InsertLocalhostThumbprintHere" />
  <Parameter Name="StoreLocation" Value="LocalMachine" />
  <Parameter Name="StoreName" Value="My" />
  <Parameter Name="ProtectionLevel" Value="EncryptAndSign" />
  <Parameter Name="AllowedCommonNames" Value="localhost" />
</Section>
This, however, does not work in the real cluster in Azure that was set up securely using a cert. Here is my modified Settings.xml that I thought would work, but it does not.
<Section Name="ReplicatorSecurityConfig">
  <Parameter Name="CredentialType" Value="X509" />
  <Parameter Name="FindType" Value="FindByThumbprint" />
  <Parameter Name="FindValue" Value="InsertClusterThumbprintHere" />
  <Parameter Name="StoreLocation" Value="LocalMachine" />
  <Parameter Name="StoreName" Value="My" />
  <Parameter Name="ProtectionLevel" Value="EncryptAndSign" />
  <Parameter Name="AllowedCommonNames" Value="testapp1.eastus.cloudapp.azure.com" />
</Section>
What happens on the real cluster in Azure is that the Secondaries get stuck in status "In Build" and their role says IdleSecondary instead of the normal ActiveSecondary that I'm used to.
What settings should I use for AllowedCommonNames? What exactly is this doing? Why does it not use RemoteCommonNames? I thought AllowedCommonNames was deprecated in favor of RemoteCommonNames. I've tried it: even locally, if I change AllowedCommonNames to RemoteCommonNames, it breaks my service.
Any help is appreciated.