- IIS or OpenSSL installed on a client machine
Step 1: Generate and Submit the CSR
Because the Azure instance is abstracted as a cloud service, the CSR and private key cannot be generated on the actual server. Instead, generate the CSR and private key on a different machine (typically your local machine). To create the request using IIS, follow this process.
Once generated, submit your CSR via your SSL.com account. After submitting your CSR, you will then have to follow the usual validation process. Once validated, your certificate will be issued and available for download from your SSL.com account.
Step 2: Download the Certificate
Once issued you will have the option to download the certificate. Select the Microsoft IIS (*.p7b) file and download it.
Step 3: Create the .pfx file
Next, create a .pfx file to upload to your Azure Web App. To create the .pfx file, bind the private key you generated earlier to your downloaded *.p7b file.
Please refer to these how-tos to generate your .pfx file, depending on whether you are using IIS (Windows) or OpenSSL (Linux, macOS, or Windows):
Step 4: Upload the .pfx file
After creating your .pfx file, upload it to Azure via the Azure Management Portal.
- Inside Azure, navigate to the Web App or Cloud Service you wish to secure and select the Configure tab.
- Scroll down to the “Certificates” section and click Upload a Certificate
- Upload your .pfx file and enter the password for the file, then click the check button.
- Once the certificate is uploaded, it will be available under the “Certificates” section
Step 5: Bind the SSL Certificate with your domain
Now that the .pfx file has been uploaded via the Azure Management Portal, the certificate needs to be bound to the desired domain.
Scroll down to the “SSL Bindings” section and bind your recently uploaded certificate with the desired domain.
Once the certificate has been bound, click Save on the bottom toolbar
Congratulations! You have installed your SSL certificate on Azure!