Renew a SSL Certificate for your Azure webapp

renew a ssl certificate for your Azure Webapp wikiazure

Renew a SSL Certificate for your Azure webapp

Dave Rendón Follow
1 Star2 Stars3 Stars4 Stars5 Stars

In this article I will show you how to renew a SSL certificate for  your Azure webapp.

Pre-requisites.

  • Map a custom DNS name to your web app
  • Choose at least a Basic Tier plan on your Azure WebApp
  • Requirements for your SSL certificate:
    • Signed by a trusted certificate authority
    • Exported as a password-protected PFX file
    • Contains private key at least 2048 bits long
    • Contains all intermediate certificates in the certificate chain
    • PFX file, if you don´t know the process to generate it:
      • Purchase your Certificate with your preferred vendor
      • Generate the Certificate Request and the Private KEY using Open SSL:
      •  Install OpenSSL
      • Run the following command in CMD:
openssl req -nodes -newkey rsa:2048 -keyout C:\Users\daver\Documents\SSL\wikiazureSSLcert.key -out C:\Users\daver\Documents\SSL\wikiazureSSLcert.csr
Generating a 2048 bit RSA private key

Renew your SSL Certificate for your Azure webapp

 

You will get 2 files: the .CSR and the KEY. Now you will need to provide the details for your CSR:

 

Now you will have to send the .CSR to your vendor so that they can emit the SSL certificate. Once they get back to you with the certificate (i.e. .CRT) go back to your CMD and generate the .PFX file:

openssl pkcs12 -export -inkey C:\Users\daver\Documents\SSL\wikiazureSSLcert.key -in C:\Users\daver\Documents\SSL\wikiazure_com.crt -certfile C:\Users\daver\Documents\SSL\wikiazure_com.ca-bundle -out C:\Users\daver\Documents\SSL\wikiazureSSLcert.pfx

 

You will need to provide a password and confirm it, then you will see an output like the image below:

Renew-SSL-Certificate-wikiazure-3

Once you have the .PFX file, go to the Azure Portal and select your Webapp, then go to the SSL certificate blade  then click on upload certificate, then remove the existing expired Certificate:

Renew a SSL Certificate for your Azure Webapp

Now select Private certificate and upload your .PFX file and provide the password for your SSL certificate that you previously verified:

renew a ssl certificate for your Azure Webapp wikiazure

You can enable SSL binding in the same blade, click on Add SSL binding and select the Hostname, certificate and choose either SSL Type (IP Based SSL or SNI SSL):

renew a ssl certificate for your Azure Webapp wikiazure 5

I strongly suggest you to enforce HTTPS to en sure you can redirect all HTTP requests to the HTTPS port. You can do so by going to your WebApp configuration blade, select Custom Domains and click ON.

renew a ssl certificate for your Azure Webapp wikiazure 6

Leave a Reply