Get your FREE copy of "The Ultimate Guide of SSL"

Download Ebook

How to Install SSL Certificate on Microsoft Azure for an Application

Steps to Install SSL on Microsoft Azure

Initial Checklist

microsoft azure logoThe following process must be completed before you start SSL certificate installation on your Microsoft Azure.

  • Buy/renew SSL Certificate
  • Generate CSR with SHA-2 algorithm
  • Save the CSR & Private key file on your server
  • Apply for SSL Certificate Issuance
  • Submit SSL Certificate issuance documents as per CA’s requirement (Only for Extended & Organization Validation)

Step 1: Download SSL Certificate Files

Once you send documents to CA (Certificate Authority), they will verify it and accepts if all documents are correct. After that, they will send you SSL certificate via email. Download that SSL certificate file and store it on your web server.

Step 2: Update the service definition and configuration files

To use the SSL successfully, your Azure App must add the HTTPS endpoint, and for that you need to update your service definition and configuration files.

  • Open the Service Defecation file (CSDEF) from the Development Environment.
  • Here, you need to add a new Certificate section under the WebRole section. Add following information to do the same.
<WebRole name="CertificateTesting" vmsize="Small">
...
    <Certificates>
        <Certificate name="SampleCertificate"
                     storeLocation="LocalMachine"
                     storeName="GeoTrust"
                     permissionLevel="limitedOrElevated" />
        <!-- Instruction - Here you also need to add the Intermediate SSL Certificate. -->

        <Certificate name="CAForSampleCertificate"
                     storeLocation="LocalMachine"
                     storeName="GeoTrust"
                     permissionLevel="limitedOrElevated" />

    </Certificates>
...
</WebRole>

Here, the PermissionLevel attibute carries two values either limitedOrElevated or elevated, so select it carefully.

  • limitedOrElevated = Private key is accessible for all processes
  • elevated = Private key is accessible for elevated process.

Here, the certificate section displays the name and the path of the primary certificate file.

  • Add the InputEndpoint section within Endpoints section using following code.
<WebRole name="CertificateTesting" vmsize="Small">
...
    <Endpoints>
        <InputEndpoint name="HttpsIn" protocol="https" port="443"
            certificate="SampleCertificate" />
    </Endpoints>
...
</WebRole>
  • Now add a new Binding section within the Sites section, this will add the HTTPS binding which maps the endpoint to your site.
<WebRole name="CertificateTesting" vmsize="Small">
...
    <Sites>
        <Site name="Web">
            <Bindings>
                <Binding name="HttpsIn" endpointName="HttpsIn" />
            </Bindings>
        </Site>
    </Sites>
...
</WebRole>
  • Add the certificate section under the Role section using following code.
<Role name="Deployment">
...
    <Certificates>
        <Certificate name="SampleCertificate"
            thumbprint="9427befa18ec6865a9ebdc79d4c38de50e6316ff"
            thumbprintAlgorithm="sha2" />
    </Certificates>
...
</Role>

Here you need to replace the thumbprint value with your SSL certificate data.

  • Save the Service configuration file.

Step 3: Uploading Deployment Package & Certificate

  • Login to your Microsoft Azure Account via here.
  • Click on New > Cloud Service > Custom Create one by one
  • Create a Cloud Service dialog will appear, here you need to add the URL, Region & subscription. Don’t forget to check Deploy a cloud service package now.
  • Click on the Next button now.
  • In Publish your cloud service dialog, add the required details for the cloud service. For the environment select Production, please make sure Add certificates now is checked.
  • For single instance role check “Deploy even if one or more roles contain a single instance”.
  • Click on the Next
  • Add Certificate dialog will appear, here browse for your SSL certificate file & enter appropriate password and then click on attach certificate
  • Your SSL certificate file will appear under ATTACHED CERTIFICATES tab
  • To create the cloud service click on the Complete One the deployment reaches to ready status you can proceed to the next step.

Step 4: Role instance connection using HTTPS

Now your deployment is up to ready status, so you can connect Azure with HTTPS.

  • In your Azure Management Portal, select your deployment and then click on the website link under the SITE URL.
  • If your website link is without HTTP then modify it with HTTPS and run it again.

Resources and Other Installation Guides

95%
OFF

comodo-square-logo

Comodo Positive SSL

$6.55

Vendor Price: $41.73

Coupon Code: ASCSCPSSL4

Get It Now

78%
OFF

rapidssl-coupon-square-logo

RapidSSL Certificate

$13.45

Vendor Price: $69

Coupon Code: ASRSRSSL2

Get It Now

95%
OFF

comodo-square-logo

Comodo PositiveSSL Multi-Domain

$17.54 – 2 SAN Included

Vendor Price: $41.73

Coupon Code: ASCSCPMD4

Get It Now

AboutSSL’s Best Stuff

Compare Best SSLs

Choose Your Best SSL

SSL Installation Guide

s

Fix SSL Errors

SSL Coupons

Disclosure: AboutSSL appreciates your continuous support. It helps us tremendously to keep moving in the competitive SSL industry. Here most of the links which direct you to buy any SSL/TLS related service or products earns us a certain percentage of referral commission. Learn More