You have a PaaS (Platform as a Service) web application in Azure and you want to add a certificate to secure data in transit. Fair enough: that was possible before. The difference now is that it can be done directly in the Azure web console.
What they say it does:
- Secure one Web App (root domain and WWW): 2 names, the www name and the whateverdomain.com name
- Secure one Web App and all its sub-domains (Wildcard SSL). Equal to *.whateverdomain.com
- 1 year validity with auto renewal. 1 year by default and not modifiable, compared to Let's Encrypt, which has to be renewed every 3 months
- A Domain Validated (DV) certificate. The easiest domain validation process I’ve ever come across: 1 click for validation and 2 records for configuration. Ready in 1/2 hour or less
- By default, certificate secrets are stored in Azure Key Vault. This is very handy: instead of being stored with the vendor, the certificate goes right into the Azure Key Vault.
- SHA-2 and 2048-bit encryption
- 2^2048 = 3.231700607131100730071487668866995196044410266971548403213034542752465513886789 × 10^616
Good luck breaking such a number this millennium.
What you need:
- An Azure Subscription (of course)
- A Web app to install the Certificate
- A Key Vault which can be created at the same time
It’s fairly easy to get, as the pictures below show:
An ownership verification request is then received in your mailbox.
Once the binding is done, it will look like below.
Once all of the above is done, the certificate is added to the Web Application and is good to go.
I read in multiple forums that this certificate could not be used outside of Azure and decided to test that. I read that the PFX can be exported, and found and modified a script to get it, which I did. I have the .PFX, the .P7B and the .CER.
What I will do next is install the certificate in a VM and another web app in a different tenant and see if it works; I do not see why it wouldn't.
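Before an exported copy is installed on a VM or another web app, it can be checked against the properties listed above (SHA-2, 2048-bit key, root and www names) and against its expiry date, since auto renewal happens in Azure and a copied file stays as it was exported. The script below is an added example, not the export script mentioned in the post; it assumes the OpenSSL 1.1.1+ command line, and the function names, paths and the self-signed sample certificate are constructed for illustration.

```shell
#!/bin/sh
# Added example: check an exported certificate before installing it elsewhere.
# whateverdomain.com and the temp paths are constructed sample values.

# make_sample_cert OUT_PEM DOMAIN DAYS: self-signed stand-in for the real
# certificate (root + www SANs, RSA 2048, SHA-256), used only by the demo.
make_sample_cert() {
  openssl req -x509 -newkey rsa:2048 -sha256 -nodes -days "$3" \
    -keyout "$1.key" -out "$1" -subj "/CN=$2" \
    -addext "subjectAltName=DNS:$2,DNS:www.$2" 2>/dev/null
}

# check_cert PEM DOMAIN [WARN_DAYS]: returns 0 only if every check passes.
check_cert() {
  pem=$1; domain=$2; warn_days=${3:-30}; rc=0
  text=$(openssl x509 -in "$pem" -noout -text) || return 2

  # Signature hash must come from the SHA-2 family.
  printf '%s\n' "$text" | grep -Eq 'Signature Algorithm: sha(256|384|512)With' \
    || { echo "FAIL: signature hash is not SHA-2"; rc=1; }

  # Public key of 2048 bits or more.
  bits=$(printf '%s\n' "$text" | sed -n 's/.*Public-Key: (\([0-9]*\) bit).*/\1/p' | head -n 1)
  [ "${bits:-0}" -ge 2048 ] || { echo "FAIL: key size is ${bits:-unknown} bits"; rc=1; }

  # Both names must be exact subjectAltName entries; a prefix match is not enough.
  # (This covers the root + www variant, not the wildcard variant.)
  sans=$(printf '%s\n' "$text" | tr ',' '\n' | sed 's/^ *//')
  for name in "$domain" "www.$domain"; do
    printf '%s\n' "$sans" | grep -Fxq "DNS:$name" \
      || { echo "FAIL: $name is not in subjectAltName"; rc=1; }
  done

  # An exported file does not renew itself: flag it well before it expires.
  openssl x509 -in "$pem" -noout -checkend $((warn_days * 86400)) >/dev/null \
    || { echo "FAIL: expires within $warn_days days"; rc=1; }

  return $rc
}

# Demo on a constructed certificate (not a real App Service Certificate).
demo() {
  dir=$(mktemp -d) || return 2
  make_sample_cert "$dir/site.pem" whateverdomain.com 365 &&
    check_cert "$dir/site.pem" whateverdomain.com && echo "OK: all checks passed"
  status=$?; rm -rf "$dir"; return $status
}

demo
```

To run `check_cert` on a real export, first extract the certificate from the PFX with `openssl pkcs12 -in site.pfx -clcerts -nokeys -out site.pem`, or convert a DER-encoded .CER with `openssl x509 -inform DER -in site.cer -out site.pem`.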
Live Site – Don’t guarantee it will always work