Install Certificate to Azure Cloud Services

Web role is a fully managed service provided by Microsoft Azure to host web application in the cloud. This is one of the oldest PaaS offerings in Microsoft Azure compute services. You can also use Azure WebApp and virtual machine to set up the web application but there are subtle differences among them. In order to take effective decision which one to use and when to use, check the guidelines published here.

Once the web application is deployed on the cloud, most of the applications require secure data transmission over the network wire. It can be implemented using SSL certificate for the website and can be procured from certificate issuing authority like VeriSign etc. There is a simple process to install SSL certificate for the web role. SSL certificate (.pfx or .cer file) can be installed to upload the Certificates section of the web role. Updating the certificate for existing web role can be done to update the certificate thumbprint in the service configuration file after you deploy the new certificate.certificate snapshotIf it is a new web role, a new certificate is required to be requested and uploaded for the web role. To request a new certificate, a new CSR has to be generated and it can be generated from any machine. It is recommended to create the pfx file from the same machine which was used to generate the CSR. Open IIS from the machine and select “Server Certificates” and “Create Certificate Request“. Following dialog comes up and fill it with the proper information.

CSR image

Once done, it would ask to save the CSR file in the local machine and the file can be sent to the certificate issuing authority who will return you the .p7b/.cer file. Upon receiving the .p7b file, open the IIS in your local machine and select “Server Certificates” and “Complete Certificate Request“. Once it is completed, it can be exported the file in .pfx format which you can install through the Azure portal.

All the steps are shown in the flowchart below


Leave a Reply