Managed SSL in Azure

So I have a website hosted in an Azure Web App. Certificate expired and wanted to try out other SSL providers out there. Good thing that it seems Azure has already a Managed Certificate Service which is currently on preview. I wanted to try it out and share my experience here.

Summary:

1. Create App Service Managed Certificate over TLS/SSL Settings > Private Key Certificates of your Web App.

2. Bind your Managed Certificate to the Web App.

3. Optional but recommended, redirect to HTTPS only.

Overall, its a more pleasant experience and I consider this as an upgrade from my 4 part HTTP-SSL blog where I attempt to get SSL from Digicert, install the SSL and do some workarounds on auto redirection. That post is here if you are still interested: https://johndelizo.wordpress.com/2017/10/07/moving-to-ssl-https/

So, lets get started!

Open your Azure Portal and go to your WebApp and on the settings pane search for TLS or SSL. On the TLS/SSL settings page click Private Key Certificates and then Create App Service Managed Certificate.

clip_image002

On the Create App Service Managed Services pane, dropdown the app service host name that you wanted SSL for. Mine is my johndelizo.com so after the validation you will be able to press the create button.

A

Wait for the certificate to be created..

B

Once created, it will be available at the Private Certificates Table below.

C

You can click the certificate to check the details which includes the expiry date. Self note, don’t forget this time to renew clip_image006

D

Now to actually use the certificate, click Bindings tab of the TLS/SSL settings and click Add TLS/SSL binding. Choose the domain you are assigning the private certificate and the certificate.

clip_image009

After adding it should appear as a new binding with hostname on the table below.

F

As an optional but I do recommend, use HTTPS only. It should always redirect your site to HTTPS since you already have your shiny new SSL certificate on your site.

G

I am using Chrome to test and it took a few hard refresh to see the new certificate. Also checked the SSL certificate and its good. See that lock?

H

Saw that its GeoTrust – https://www.geotrust.com/ssl/

More info could be found here:

https://docs.microsoft.com/en-us/azure/app-service/configure-ssl-certificate?fbclid=IwAR171C3hYdIbXMdLZuN5pM2fZZwmh3UhZu_NLCDULUVj88hXlSn7ej6qZ18#create-a-free-certificate-preview

And thanks to Miguel and Azure Pilipinas FB page for the link!

Published by

johndelizo

Hi, I'm John. I am a developer, currently creating digital assets that protects people and their future. I am a certified SAFe Agilist, completing my LOMA certification, Microsoft Certified Developer (MCTS, MCPD), Azure certified and Microsoft Certified Trainer (MCT) alumni. I'm also a Microsoft MVP awardee for 8 years specializing Software Packaging, Deployment & Servicing as well as Cloud & Datacenter Management. Disclaimer: This is a personal blog. The opinions expressed herein are my own personal opinions and do not represent my employer’s view in any way. All content provided on this blog is for personal content and makes no representation as the accuracy or completeness of any information on this blog or found by following any link on this site.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s