
Posted on • Originally published at clemens.ms
Free and Built-In TLS/SSL certificates in Azure
Today, when a website does not have an SSL/TLS certificate, web browsers give you a "not secure" warning. This warning not only scares people but also puts you at a disadvantage in search engine ranking. On Azure, web sites have a default https-enabled URL, like https://sitename.azurewebsites.net/, but when you have a vanity domain configured, you are missing this secure connection. Luckily there are some free SSL/TLS certificate options to explore.
Let's Encrypt
Wait, there is Let's Encrypt, it's free! Why are you not using this excellent service? Yes, that is true, but there are some downsides to using Let's Encrypt (on Azure), like:
- You need an Azure Web App Site Extension to enable and renew certificates, like this one from Simon J.K. Pedersen.
- Let's Encrypt does not have any official support or SLA model.
- It's complex to implement correctly for all the Azure services you need.
- Let's Encrypt only validates the domain name. There are no further validations like those of other CAs, and certificates are misused for phishing attacks.
Azure Built-In free certificates
It should be easy and free to enable SSL/TLS certificates in Azure. This was the number one question on UserVoice feedback. Microsoft implemented this Built-In free certificate option for some services, like Azure CDN, Front Door, Application Gateway, etc. When you put one of those services in front of your web site (like what I did with this blog), you can enable an auto-renewable Built-In certificate for free.
"Custom Domain HTTPS feature enables you to deliver content to your users securely over your own domain. This is done by encrypting the data between the CDN and your users' clients (typically web browsers) via TLS protocol (which is a successor of the SSL protocol) using a certificate. Using our 'CDN managed certificate' capability, you can enable this feature with just a few clicks and have Azure CDN completely take care of certificate management tasks such as its renewal. You can also bring your own certificate (stored in Azure Key vault) or even purchase a new certificate through Key vault and have Azure CDN use that certificate for securing the content delivery."
Use your own certificate
There is also an option to use your own certificate, especially when you need a naked domain (without the "www" prefix). This is not currently possible with the Built-In certificate option. See "Hosting a Static Site on Azure using CDN and HTTPS" for how to fix this.