JOIN OUR AFFILIATE NETWORK

Join our affiliate network and become a local SSL expert

♦ learn more about our program ♦
Menu
picture of tbs certificates
picture of tbs certificates
 
Certificates
Our products range
Partners
Support
Focus


Certificates for Microsoft Azure

Getting a certificate

Although, Microsoft Azure does not allow you to create a certificate request or to generate a private key, you can import a PKCS#12 file (.p12 or .pfx). This means that you need to generate your private key and your CSR using another tool.

You can use:

Application configuration

To be able to use your certificate, you need to configure your application to use HTTPS.

Start by editing your service definintion file (CSDEF), and add a section Certificates in your Webrole and configure the name of your certificate, its store and its permissions.

  <WebRole name="CertificateTesting" vmsize="Small">
    ...
    <Certificates>
      <Certificate name="SampleCertificate" storeLocation="LocalMachine" storeName="CA" permissionLevel="limitedOrElevated"/>
    </Certificates>
    ...
    </WebRole>

In the Endpoints section, add a InputEndpoint entry corresponding to the HTTPS.

  <WebRole name="CertificateTesting" vmsize="Small"><br /><br />
    ...<br /><br />
    <Certificates><br /><br />
      <Certificate name="SampleCertificate" storeLocation="LocalMachine" storeName="CA" permissionLevel="limitedOrElevated"/><br /><br />
    </Certificates><br /><br />
    ...<br /><br />
    </WebRole>

Then, add a Binding element in your Sites section to link the Endpoint to the site.

  <WebRole name="CertificateTesting" vmsize="Small"><br />
    ...<br />
    <Sites><br />
      <Site name="Web"><br />
	<Bindings><br />
	  <Binding name="HttpsIn" endpointName="HttpsIn"/><br />
	</Bindings><br />
      </Site><br />
    </Sites><br />
    ...<br />
    </WebRole>

In your service configuration file (CSCFG), ServiceConfiguration.Cloud.cscfg, add a Certificates section to the Role section. You will then need to get the Thumbprint (see external links) of your certificate. The following example uses a SHA1 thumbprint:

  <Role name="Deployment">
    ...
    <Certificates>
      <Certificate name="SampleCertificate" thumbprint="9427befa18ec6865a9ebdc79d4c38de50e6316ff" thumbprintAlgorithm="sha1"/>
    </Certificates>
    ...
    </Role>

Sending your certificate on Azure

Azure portal

  • On your portal, select your cloud service.
  • Open the parameters, then select all parameters.
  • Select Certificates, then send the file with its password.
  • You can now access your application using HTTPS.

Classic Azure Portal

  • Connect on your Azure portal.
  • Select Cloud Services.
  • Select your services.
  • Click on the Certificates tab.
  • Send your certificate file, enter its password, and confirm the form.
  • You can now connect to your application using HTTPS.

External Links