Configuring SSL certificates for an Azure website

Azure website fully supports SSL certificates by default. For example, if your website name is contoso-web, you can simply open the browser and access it using HTTP or https such as:

  • contoso-web.azurewebsites.net
  • contoso-web.azurewebsites.net

Azurewebsites.net domain is a shared domain and thus the wildcard certificate offering SSL is also shared. It provides you with the custom domain along with the SSL certificate. You may not want to use the shared domain for a public-facing site. Though there is always a support for cases where the shared domain is needed

Most of these websites have a custom domain and therefore its essential to configure SSL. Also, you need to make sure to set the website in standard mode to support the configuration process. Follow the below-listed steps to configure an Azure website with a custom domain. Keep in mind ,for configuring SSL for an Azure website with a custom domain, the website must be configured for Standard mode.

1. Obtaining an SSL certificate

A certificate authority must sign your SSL certificate, and the certificate must adhere to the following requirements:

  • The certificate must contains a private key.
  • The certificate must be created for key exchange that can be exported to a Personal Information Exchange (.pfx) file.
  • The certificate’s subject name must match the custom domain. If you have multiple custom domains for your website, the certificate will need to be either a wildcard certificate or have a subject alternative name (SAN).
  • The certificate should use 2048-bit (or higher) encryption. Uploading the SSL certificate to Azure

2. Upload the SSL certificate to Azure

Once you get the approved SSL certificate, you can post it to Azure using the management portal. For this purpose, click on the domains and SSL portion in the Site Setting blade for your website as demonstrated in Figure 1. It will provide you with the SSL settings blade for your site where you can upload the certificateSSL certificates for an Azure website 1

FIGURE 1 The Configuration section of the Website blade showing the Domains and SSL part

3. Configuring the SSL bindings

When the SSL certificate is uploaded to your azure website, the final step in this entire process is to configure the SSL bindings. Azure websites supports Server Name Indication (SNI) SSL and the standard IP-based SSL. You can align the SSL bindings in the management portal through the SSL settings blade as shown in Figure. For every binding, you need to specify the custom domain name, the SSL certificate required for the custom domain and choosing either SNI SSL or IP-based SSL. You can configure the SSL bindings in the management portal in the SSL Settings blade referenced as shown in Figure 2. For each binding you must specify the following:

  • The custom domain name.
  • The SSL certificate to use for the custom domain.
  • Select either SNI SSL or IP-based SSL.

Custom domain for Azure website 1

If you select IP-based SSL for your SSL binding and your custom domain is configured using an A record, then you will be provided with a new dedicated IP address to your website by Azure. This new IP address will be different from the prior one which you have used to configure the A record. Also, it is crucial to update the A record with your DNS registrar by using a fresh virtual IP address. You can find the virtual IP address in the management portal by clicking on the properties part of the website blade.

This article is a part of 70-533 Implementing Microsoft Azure Infrastructure Solutions Prep course.

More Articles included in this course are

article

Creating an Azure website

Creating an Azure website using  Portal, Powershell and CLI Creating an Azure website on Microsoft Azure Cloud starts with creating ...
Read More
article

Deployment slots in Azure website

Defining deployment slots in Azure website Deployment slots in Azure website are collection of individual Azure website linked to your ...
Read More
article

Publishing an Azure website

Publishing an Azure website using various methods For publishing an Azure website, the web application or code needs to be ...
Read More
article

WebJobs in Azure website

Introduction to WebJobs in Azure website and Deployment using Portal and Powershell Web Jobs in Azure websites are exclusive applications ...
Read More
article

Azure website settings

Introduction to Configuring the azure website settings The first step you will need to follow for an Azure website is to ...
Read More

Practice Tests in this course are

70-533 Implementing Microsoft Azure Infrastructure Solutions Practice Test 1

Instructions for Exam 70-533 Implementing Microsoft Azure Infrastructure Solutions Practice Test 1 This page shows the instructions for Exam 70-533 ...
Read More

70-533 Implementing Microsoft Azure Infrastructure Solutions Practice Test 2

Instructions for Exam 70-533 Implementing Microsoft Azure Infrastructure Solutions Practice Test 2 This page shows the instructions for Exam 70-533 ...
Read More

70-533 Implementing Microsoft Azure Infrastructure Solutions Practice Test 3

Instructions for Exam 70-533 Implementing Microsoft Azure Infrastructure Solutions Practice Test 3 This page shows the instructions for Exam 70-533 ...
Read More

70-533 Implementing Microsoft Azure Infrastructure Solutions Practice Test 4

Instructions for Exam 70-533 Implementing Microsoft Azure Infrastructure Solutions Practice Test 4 This page shows the instructions for Exam 70-533 ...
Read More

70-533 Implementing Microsoft Azure Infrastructure Solutions Practice Test 5

Instructions for Exam 70-533 Implementing Microsoft Azure Infrastructure Solutions Practice Test 5 This page shows the instructions for Exam 70-533 ...
Read More