home | non-tech | cs | ee | about
Abstract New

List of steps to enable SSL on a Windows Azure web role


What follows is a memory dump of a list of things to do to get SSL going on an Azure web role. This might be broadly applicable if you are trying to install SSL onto IIS. Assumes you know your way around computers.

Generate a Certificate Signing Request using your local machine.
  • Open IIS and click on server certificates 
  • Click on create certificate request (on the right sidebar) 
  • Fill out the relevant details 
    •  The common name should be the name of the domain for which you are creating the cert. 
    •  If it is a wildcard certificate the domain name should be *.mydomainname.com 
  •  Save the resultant file with the extension .cer
Upload the CSR to your provider

Differs based on the provider. Generally you submit the contents of the generated certificate file to the provider

Complete the certificate signing process
  • Get the certificate authority's response.
  • Copy the entire text including the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- tags
  • Paste the contents to notepad and save it as a .cer file. 
  • Open IIS and click on complete certificate request
  • Select the .cer file that was saved.
Export as pfx 
  • If you have completed the above steps you should see the certificates listed in the IIS server certificates list
  • Select the certificate and click on export 
  • You can export your certificate as either a .cer or a .pfx 
  • If you selected pfx specify a password
Upload to Azure 
  • Take the resultant pfx file and upload it onto Azure (Azure now seems to take a cer file as well).
  • Click on the service go to the certificates tab and upload the certificate file
Upload root certs
  • Depending on where you purchased your certificate from you would need to include root certificates and intermediate certificates. 
  • For instance if you purchased a wildcard ssl at thawte check out this link 
  • Upload the root and intermediate certs to the management portal as well
Include the certificates in your solution (assumes you are using Visual Studio)
  • Select the web role's properties => Right click on the role and select properties 
  • Add the root and intermediate certificates to the CA store
  • Add your SSL certificate to the My store. 
  • Add an HTTPS endpoint 

1 comment:

Kris Sebesta said...

This was extremely helpful and informative. Thanks for taking the time to write it up. Cheers!

Post a Comment

© 2014 - 2015 abstract new. All rights reserved.