Configure SSL for an Azure Web App using an App Managed Certificate
How to get a free Azure App Managed certificate to secure your website using HTTPS. Create DNS CAA record, create an App Managed Certificate, update website bindings and enable HTTPS.
Before you begin
This guide assumes that you have already created the Azure resources needed for your website (Resource Group, App service plan and Web app) and that you have added a custom domain to your website in Azure.
If you haven't done these steps, you can take a look at this series of guides:
1. Create a Web App using Azure CLI
2. Deploy a .NET Web App to Azure using Visual Studio
3. Add a custom domain to an Azure Web App
4. Configure SSL for an Azure Web App using an App Managed Certificate
5. Configure SSL for an Azure Web App using Let's Encrypt
Getting started with Azure App Managed Certificates
- You can get a free Azure App managed SSL certificate to secure your website.
- To get a free SSL certificate, your website needs to be using an App service plan that is not F1 or D1.
- Free SSL certificates cannot be exported and wildcard certificates are not supported.
- App managed SSL certificates are provided by DigiCert and automatically renewed.
- You'll need to add a DNS Certification Authority Authorization (CAA) record for DigiCert to complete the certificate request
Check your App Service Plan
App Service - Scale Up (App Service Plan)
Create DNS CAA record for DigiCert
Type: CAA
TTL: 3600
Data: 0 issue "digicert.com"
Create App Managed Certificate
App Service
TLS/SSL settings - Private Key Certificates (.pfx)
Create App Managed Certificate
Select website name www.
Create
Repeat the steps to create an App Managed Certificate for the non-www version of your website name.
Update website bindings
TLS/SSL settings - Bindings - Add TLS/SSL bindings
Select custom domain: www.ctrlf.cloud
Select Private Certificate Thumbprint
TLS/SSL Type: SNI SSL
Add binding
Repeat the steps to add the SSL certificate binding for the non-www version of your website domain name
Enable HTTPS
TLS/SSL settings
HTTPS Only - On
Browse to the website and verify the SSL certificate has been installed
Comments