Once the web application is deployed on the cloud, most of the applications require secure data transmission over the network wire. It can be implemented using SSL certificate for the website and can be procured from certificate issuing authority like VeriSign etc. There is a simple process to install SSL certificate for the web role. SSL certificate (.pfx or .cer file) can be installed to upload the Certificates section of the web role. Updating the certificate for existing web role can be done to update the certificate thumbprint in the service configuration file after you deploy the new certificate.If it is a new web role, a new certificate is required to be requested and uploaded for the web role. To request a new certificate, a new CSR has to be generated and it can be generated from any machine. It is recommended to create the pfx file from the same machine which was used to generate the CSR. Open IIS from the machine and select “Server Certificates” and “Create Certificate Request“. Following dialog comes up and fill it with the proper information.
Once done, it would ask to save the CSR file in the local machine and the file can be sent to the certificate issuing authority who will return you the .p7b/.cer file. Upon receiving the .p7b file, open the IIS in your local machine and select “Server Certificates” and “Complete Certificate Request“. Once it is completed, it can be exported the file in .pfx format which you can install through the Azure portal.
All the steps are shown in the flowchart below