Join our affiliate network and become a local SSL expert

♦ learn more about our program ♦
picture of tbs certificates
picture of tbs certificates
Our products range

Certificates for Microsoft Azure

Getting a certificate

Although, Microsoft Azure does not allow you to create a certificate request or to generate a private key, you can import a PKCS#12 file (.p12 or .pfx). This means that you need to generate your private key and your CSR using another tool.

You can use:

Application configuration

To be able to use your certificate, you need to configure your application to use HTTPS.

Start by editing your service definintion file (CSDEF), and add a section Certificates in your Webrole and configure the name of your certificate, its store and its permissions.

  <WebRole name="CertificateTesting" vmsize="Small">
      <Certificate name="SampleCertificate" storeLocation="LocalMachine" storeName="CA" permissionLevel="limitedOrElevated"/>

In the Endpoints section, add a InputEndpoint entry corresponding to the HTTPS.

  <WebRole name="CertificateTesting" vmsize="Small"><br /><br />
    ...<br /><br />
    <Certificates><br /><br />
      <Certificate name="SampleCertificate" storeLocation="LocalMachine" storeName="CA" permissionLevel="limitedOrElevated"/><br /><br />
    </Certificates><br /><br />
    ...<br /><br />

Then, add a Binding element in your Sites section to link the Endpoint to the site.

  <WebRole name="CertificateTesting" vmsize="Small"><br />
    ...<br />
    <Sites><br />
      <Site name="Web"><br />
	<Bindings><br />
	  <Binding name="HttpsIn" endpointName="HttpsIn"/><br />
	</Bindings><br />
      </Site><br />
    </Sites><br />
    ...<br />

In your service configuration file (CSCFG), ServiceConfiguration.Cloud.cscfg, add a Certificates section to the Role section. You will then need to get the Thumbprint (see external links) of your certificate. The following example uses a SHA1 thumbprint:

  <Role name="Deployment">
      <Certificate name="SampleCertificate" thumbprint="9427befa18ec6865a9ebdc79d4c38de50e6316ff" thumbprintAlgorithm="sha1"/>

Sending your certificate on Azure

Azure portal

  • On your portal, select your cloud service.
  • Open the parameters, then select all parameters.
  • Select Certificates, then send the file with its password.
  • You can now access your application using HTTPS.

Classic Azure Portal

  • Connect on your Azure portal.
  • Select Cloud Services.
  • Select your services.
  • Click on the Certificates tab.
  • Send your certificate file, enter its password, and confirm the form.
  • You can now connect to your application using HTTPS.

External Links