Create HTTPS endpoint for Azure Virtual Machine

0
votes

I have created a virtual machine in Azure and enabled the IIS role.

I have created the appropriate firewall rules to allow me to browse to a website that I have set up in IIS over HTTP.

However, despite having created the bindings and firewall rules to enable HTTPS, I am unable to browse to the same website over HTTP.

I have been reading that I need to create a HTTPS endpoint for Azure to traffic any requests on port 443 to my site.

Does anyone know how to do this in the new portal?

Thanks,

Sean

2
azureiishttps
Have you looked at your network security group to see if there's an inbound rule for port 443? - David Makogon
Yes, there is an inbound rule for port 443. I am trying to bind to a custom domain though - I wonder if that might be the issue. - Seán
@Seán, Yes, you can map your custom domain with Azure public IP address(set it to static). - Jason Ye

2 Answers

0
votes

By default, when you create a VM, only port 3389 (RDP) is opened. You will need to add any additional ports that you need to the Network Security Group.

Here is an example of how to add an NSG inbound rule to allow traffic on port 80 (HTTP), but you can use the same steps to allow traffic on port 443 (HTTPS):

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/nsg-quickstart-portal

0
votes

Ok, so I have got this working so I will document the steps that I went through in order to get this to work:

  1. Create a public IP address in the Azure portal
  2. Assign a ‘cloudapp.azure.com’ DNS name to the IP address
  3. Associate the IP address to an Azure network interface (this network interface may be attached to a VM or an App Service – in our case, it’s a VM)
  4. Create an http endpoint in IIS and set the host name in your bindings to the ‘cloudapp.azure.com’ DNS name and the the IP address to the IP address created in step 1
  5. Create a https endpoint and select your wildcard server certificate as the SSL certificate
  6. Create a ‘CNAME Record’ entry in your DNS Configuration where the host is your custom DNS name and the target is the Azure DNS name
  7. Open a web browser and browse to your custom DNS name via https and ensure that the website displays the server certificate