As recommended on the Azure portal, we are trying to migrate our B2C application to using the b2clogin.com domain instead of login.microsoftonline.com.
However, we are running into boggling issues accessing the [tenantName].b2clogin.com endpoints for 2 out of 3 of our B2C tenants (using either the Azure portal links/"Run now" buttons, or directly navigating to the URL).
Inside our network, using various browsers to navigate to
https://[tenant_name].b2clogin.com/[tenant_name].onmicrosoft.com/v2.0/.well-known/openid-configuration?p=[signUpSignPolicyName]
or
https://[tenant_name].b2clogin.com/tfp/[tenant_name].onmicrosoft.com/[signUpSignPolicyName]/v2.0/.well-known/openid-configuration
results in "Site can't be reached" / "Secure Connection Failed" / "Can't connect securely to this page ... might be because the site uses outdated or unsafe TLS security settings", etc.
I can, however, successfully access the "broken" b2clogin.com sites on my phone, which led my sysadmins to believe our org's restrictions on TLS inside the network may be the reason I cannot load the b2clogin pages inside the network, while the less stringent restrictions on TLS on my phone are allowing me to see it.
My question is: why do the B2C tenants not all behave the same (since, again, one of my tenants can use b2clogin.com just fine in all scenarios), and how can I resolve the b2clogin issues I am seeing for my other tenants? Is it in fact related to TLS settings on those two tenants?
I have been going round and round and round with Azure support techs about B2C issues (of which we have seen several) but none of them seem to understand the actual issue. Can someone please help?
Thanks in advance
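A way to separate the possibilities raised in the question (TCP blocked, TLS version refused, or the client itself unable to offer a version), as an added diagnostic that is not part of the original post: the script below attempts one TLS handshake per protocol version against each host given on the command line, with SNI set to that host, and classifies the result. Run it against the working tenant's `[tenant_name].b2clogin.com`, one of the failing ones, and `login.microsoftonline.com` from inside the network and again from an unrestricted path; a host whose classification differs only between the two network paths points at the network, while a host that differs from its sibling tenants on the same path points at the endpoint. The host names are supplied by the user; nothing here is tied to a specific tenant.

```python
"""Probe which TLS versions complete a handshake against a given host.

Added diagnostic example; assumes Python 3.7+ with the standard ssl module.
Run: python tls_probe.py tenant.b2clogin.com login.microsoftonline.com
"""
import socket
import ssl
import sys

# Versions to try, oldest first. Modern OpenSSL builds often refuse to offer
# TLS 1.0/1.1 at all, so a failure there can be the local client, not the
# server; classify() keeps that "client" stage separate from a server refusal.
VERSIONS = [
    ("TLS1.0", ssl.TLSVersion.TLSv1),
    ("TLS1.1", ssl.TLSVersion.TLSv1_1),
    ("TLS1.2", ssl.TLSVersion.TLSv1_2),
    ("TLS1.3", ssl.TLSVersion.TLSv1_3),
]


def probe_tls(host, version, port=443, timeout=5.0):
    """Attempt a single handshake pinned to exactly `version`, SNI = host.

    Returns a dict: {"ok": True, "protocol", "cipher"} on success, otherwise
    {"ok": False, "stage": "client"|"tcp"|"tls", "error": text}.
    """
    ctx = ssl.create_default_context()
    try:
        ctx.minimum_version = version
        ctx.maximum_version = version
    except ValueError as exc:  # local OpenSSL cannot offer this version
        return {"ok": False, "stage": "client", "error": str(exc)}
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return {"ok": True, "protocol": tls.version(),
                        "cipher": tls.cipher()[0]}
    except ssl.SSLError as exc:  # TCP connected, handshake was refused/broken
        return {"ok": False, "stage": "tls", "error": exc.reason or str(exc)}
    except OSError as exc:  # DNS, firewall, proxy, timeout: never reached TLS
        return {"ok": False, "stage": "tcp", "error": str(exc)}


def classify(results):
    """Summarise one host's per-version results as (finding, ok_versions)."""
    ok_versions = [label for label, r in results.items() if r["ok"]]
    if ok_versions:
        return "handshake-ok", ok_versions
    stages = {r["stage"] for r in results.values()}
    if stages == {"tcp"}:
        # Never got a TLS record out: not a TLS-version problem at all.
        return "tcp-blocked", []
    if "tls" in stages:
        # TCP works but every version the client could offer was rejected.
        return "tls-rejected", []
    return "client-cannot-offer", []


def main(argv):
    if len(argv) < 2:
        print("usage: tls_probe.py host [host ...]")
        return 2
    for host in argv[1:]:
        results = {label: probe_tls(host, ver) for label, ver in VERSIONS}
        finding, ok_versions = classify(results)
        print(f"{host}: {finding} {ok_versions}")
        for label, r in results.items():
            detail = (f"{r['protocol']} {r['cipher']}" if r["ok"]
                      else f"{r['stage']}: {r['error']}")
            print(f"  {label:7} {'OK  ' if r['ok'] else 'FAIL'} {detail}")
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

If every version reports `tcp` the problem is reachability (DNS, egress filtering, or a proxy that never completes the connection), and no TLS setting on the tenant will change it; a `tls` failure on TLS 1.2 and 1.3 from inside the network but success from outside points at TLS interception or downgrade on the path, which the working tenant may escape only because it is treated differently by that device.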