I recently had the opportunity to setup an SSL Certificate on the Azure App Services cloud hosting platform. Importing an App Service Certificate appears seamless. I, however, had the joy of figuring out how to setup an external SSL certificate purchased from GoDaddy.
I'm here to save you time and money! Lets get your SSL Certificate setup!
Prerequisite — OpenSSL
The official Microsoft documentation recommends the use of either Certreq.exe, IIS Manager or OpenSSL.
I highly recommend using OpenSSL as you can quickly follow these steps. You can easily find instructions for installing it on Windows, Mac & Linux.
Setup GoDaddy SSL On Azure App Services
The following directions are explicit to GoDaddy however you should be able to tweak them for any SSL CA.
- First — Purchase an SSL Certificate on GoDaddy.com — (Save money by using Honey)
- Next, lets make it easy for you, type your:
Generate your Certificate Signing Request (CSR) on your local machine.
Run the following command in your terminal
openssl req -sha256 -new -nodes -keyout domain.com.key -out domain.com.csr -newkey rsa:2048
- You will be prompted to answer a variety of questions. Upon completion you should now have domain.com.key and domain.com.csr in your working directory.
- Submit your CSR to GoDaddy.com. You can open it up in Notepad or a similar text editor and copy and paste it directly into the appropriate GoDaddy CSR field.
- Depending on what OS you select GoDaddy will supply you with various versions of two certificates. One is for your domain and the other is an intermediate SSL certificate for the SSL Chain.
- Regardless what SSL CA you chose - Azure requires a PFX file (Personal Information Exchange). The PFX file contains your private key, SSL certificate and any intermediate certificates.
In the below command we generating our PFX file using our private key, our SSL certificate and the intermediate certificate:
openssl pkcs12 -chain -export -out domain.com.pfx -inkey domain.com.key -in domain.com.crt -certfile intermediate-cert.pem
- Now that you have successfully generated your PFX file - it is time to Upload and bind the custom SSL certificate to your Azure App
Azure App Services — Upload & Bind Custom SSL
- Log into the Microsoft Azure Portal
- Navigate to your App in App Services
- In the panel under Settings select SSL Certificates
- Push Upload Certificate
- Upload the PFX Certificate File
- Enter the Certificates Password
- Upload and Bind It
Having Trouble Generating PFX?
The SSL Converter by SSL Shopper is a useful tool for those struggling with OpenSSL commands. It allows you to easily convert certificates to different formats!