custom ssl in windows azure

0
votes

I was evaluating appharbor and azure framework or a cloud application. I came across an article in this url: http://blog.appharbor.com/2012/06/10/some-notes-on-the-recent-azure-launch , which says

Azure Web Sites has no way to add your own SSL certificates at all. If your app needs SSL, you’re stuck with running on the Azure subdomain and piggy-backing off their certificate.

I am a little confused here and so the question:

1) Does this mean that I cannot register and use a ssl certificate for my domain (eg: www.mydomain.com) if my application is hosted in azure? If that cannot be done- isnt this a fairly basic requirement for a secure web application? why is it not implemented in azure?

2) Azure articles talk of shared ssl certificate. So, if I use a shared certificate, what will the user see in certificate details? will they see something like myapplication.cloudapp.net?

2
sslazure

2 Answers

4
votes

This is true as of today. But please do note that Azure Web Sites is a preview feature and things do change. Having a custom SSL certificate for an Azure Web Sites is something that the team in Redmond is definitely after (check here). Also, please do note that this limitation is only valid for Windows Azure Web Sites. Website addresses usually maps to myapp.azurewebsites.net.

This is not the situation with Windows Azure Cloud Services (that maps to myapp.cloudapp.net). You check some articles and sample how to configure custom SSL for Azure Cloud services here and here.

0
votes

Azure websites now do support SSL certificates, with the ability to buy an SSL certificate or bring your own.

see this article for the configuration: https://azure.microsoft.com/nl-nl/documentation/articles/web-sites-configure-ssl-certificate/

Also free SNI certificates are available as of now for Basic, Standard and Premium App Services: https://azure.microsoft.com/en-us/updates/ssl-connection-pricing-changes/