Managed SSL in Azure

So I have a website hosted in an Azure Web App. Certificate expired and wanted to try out other SSL providers out there. Good thing that it seems Azure has already a Managed Certificate Service which is currently on preview. I wanted to try it out and share my experience here.

Summary:

1. Create App Service Managed Certificate over TLS/SSL Settings > Private Key Certificates of your Web App.

2. Bind your Managed Certificate to the Web App.

3. Optional but recommended, redirect to HTTPS only.

Overall, its a more pleasant experience and I consider this as an upgrade from my 4 part HTTP-SSL blog where I attempt to get SSL from Digicert, install the SSL and do some workarounds on auto redirection. That post is here if you are still interested: https://johndelizo.wordpress.com/2017/10/07/moving-to-ssl-https/

So, lets get started!

Open your Azure Portal and go to your WebApp and on the settings pane search for TLS or SSL. On the TLS/SSL settings page click Private Key Certificates and then Create App Service Managed Certificate.

clip_image002

On the Create App Service Managed Services pane, dropdown the app service host name that you wanted SSL for. Mine is my johndelizo.com so after the validation you will be able to press the create button.

A

Wait for the certificate to be created..

B

Once created, it will be available at the Private Certificates Table below.

C

You can click the certificate to check the details which includes the expiry date. Self note, don’t forget this time to renew clip_image006

D

Now to actually use the certificate, click Bindings tab of the TLS/SSL settings and click Add TLS/SSL binding. Choose the domain you are assigning the private certificate and the certificate.

clip_image009

After adding it should appear as a new binding with hostname on the table below.

F

As an optional but I do recommend, use HTTPS only. It should always redirect your site to HTTPS since you already have your shiny new SSL certificate on your site.

G

I am using Chrome to test and it took a few hard refresh to see the new certificate. Also checked the SSL certificate and its good. See that lock?

H

Saw that its GeoTrust – https://www.geotrust.com/ssl/

More info could be found here:

https://docs.microsoft.com/en-us/azure/app-service/configure-ssl-certificate?fbclid=IwAR171C3hYdIbXMdLZuN5pM2fZZwmh3UhZu_NLCDULUVj88hXlSn7ej6qZ18#create-a-free-certificate-preview

And thanks to Miguel and Azure Pilipinas FB page for the link!