On Windows
Create a Certificate Signing Request using the MMC. Save it as <domain>.csr. CSR files are Base64 encoded text files. Go to Certificates - Current User --> Personal --> Certificates & right click to select All Tasks --> Advanced Operations --> Create Custom Request. I'll use "example.com" as my domain in the rest of the article.
When a CSR is created, the request is captured in the Certificates MMC under "Certificate Enrollment Requests --> Certificates"
Export the private key as a 'example.pfx' file choosing a password. Keep this password safe. You will need it whenever you need to deploy or change file formats.
Use the following command to extract the private key from the .pfx file in an Open SSL format: openssl pkcs12 -in example.pfx -nocerts -out example-private.key -nodes
Optionally, you may also extract the public key: openssl pkcs12 -in example.pfx -clcerts -nokeys -out example-public.key -nodes
On GoDaddy Portal
Create a new SSL Certificate by going to Manage SSL Certificates. *.App domains come with an SSL certificate, by default
Open the CSR file in notepad and copy & paste the content into the CSR field in the GoDaddy portal
Submit the request & wait for few minutes (as the request will be pending initially & then approved)
Once the request is approved, choose IIS and download the zip file
Zip file contains three files: a *.crt, *.pem & a .p7x files. Refer to the differences between SSL file formats here
Extract the Zip file
Back on Windows
Use the following OpenSSL command to convert the .crt file to a PFX file: openssl pkcs12 -export -out example-gd.pfx -inkey example-private.key -in ef1e3eff5772dbe7.crt
Note that the "ef1e3eff5772dbe7.crt" is the file that you got from the GoDaddy ZIP file
You will be asked for the password you chose when you created the original *.pfx file
On Azure
Goto Custom Domain settings of the App Service
Look for the IP Address & the URL of the App Service and note the same
Back on GoDaddy Portal
Manage DNS of the domain chosen
Create an A record pointing to the IP Address of the App Service
Create a CNAME record that points www to @
Create a TXT record with @ pointing to the App Service Url
Back On Azure
Verify the domain
Configure SSL by uploading the PFX & type in the PFX file password
Opmerkingen