• Cloudlene Inc.

Azure App Service: Deploying SSL Certificates from GoDaddy

On Windows
  1. Create a Certificate Signing Request using the MMC. Save it as <domain>.csr. CSR files are Base64 encoded text files. Go to Certificates - Current User --> Personal --> Certificates & right click to select All Tasks --> Advanced Operations --> Create Custom Request. I'll use "example.com" as my domain in the rest of the article.

  2. When a CSR is created, the request is captured in the Certificates MMC under "Certificate Enrollment Requests --> Certificates"

  3. Export the private key as a 'example.pfx' file choosing a password. Keep this password safe. You will need it whenever you need to deploy or change file formats.

  4. Use the following command to extract the private key from the .pfx file in an Open SSL format: openssl pkcs12 -in example.pfx -nocerts -out example-private.key -nodes

  5. Optionally, you may also extract the public key: openssl pkcs12 -in example.pfx -clcerts -nokeys -out example-public.key -nodes

On GoDaddy Portal
  1. Create a new SSL Certificate by going to Manage SSL Certificates. *.App domains come with an SSL certificate, by default

  2. Open the CSR file in notepad and copy & paste the content into the CSR field in the GoDaddy portal

  3. Submit the request & wait for few minutes (as the request will be pending initially & then approved)

  4. Once the request is approved, choose IIS and download the zip file

  5. Zip file contains three files: a *.crt, *.pem & a .p7x files. Refer to the differences between SSL file formats here

  6. Extract the Zip file

Back on Windows
  1. Use the following OpenSSL command to convert the .crt file to a PFX file: openssl pkcs12 -export -out example-gd.pfx -inkey example-private.key -in ef1e3eff5772dbe7.crt

  2. Note that the "ef1e3eff5772dbe7.crt" is the file that you got from the GoDaddy ZIP file

  3. You will be asked for the password you chose when you created the original *.pfx file

On Azure
  1. Goto Custom Domain settings of the App Service

  2. Look for the IP Address & the URL of the App Service and note the same


Back on GoDaddy Portal
  1. Manage DNS of the domain chosen

  2. Create an A record pointing to the IP Address of the App Service

  3. Create a CNAME record that points www to @

  4. Create a TXT record with @ pointing to the App Service Url

Back On Azure
  1. Verify the domain

  2. Configure SSL by uploading the PFX & type in the PFX file password


608 views0 comments

Recent Posts

See All