SSL domain certificate for Azure website from GoDaddy

More and more websites are migrating to https after Google announced changes in ranking results, where websites using https will be given better positions comparing with http.

I already migrated my websites to https and would like to share the process of setting up GoDaddy certificate for website hosting in Microsoft Azure.

After your will buy certificate on GoDaddy website, you will see it in SSL Certificats section in your account.

Now you need to click "Manage" and your will be navigated to certificate creation page where you can provide certificate signing request (CSR).

You have to create signing request on your local IIS server, just open "Server Sertificates" link in your IIS

Next step is to click on "Create certificate request", which will create a text file you should provide to GoDaddy.

On the next step you need to provide information about certificate owner, such as location. Common name is usually name of your domain, in case of wildcard domain name, you need to add "star" in front, for example, *.yaplex.com

On the next step you need to choose cryptographic provider and bit length, just make sure you choosed at least 2048 bit length, because that is the minimum requirement for some hosting providers, for example Microsoft Azure.

As a result of previous step, you should get a text file with certificate signing request, you need to provide it to GoDaddy.

On the next step choose signature algorithm, but do not choose SHA-1, because it is obsolate and it's support will be shutdown in 2017.

After submitting your request, your part is done, and you have to wait untill GoDaddy confrim ownership of the domain and issue you a certificate. If you purchased your domain with GoDaddy, this will probably should not take more than a hour, in my case, it was about 20 minutes.

Now you can navigate to the list of your certificates and wait untill status will chage to "Certificate issued"

After certificate issued, you need to download it, press "Download" button

Now download certificate version for IIS

Zip file which you get, should contain two files, one with *.crt and another with *.p7b file extension

Now go back to IIS and press "Complete certificate request" link

Provide your *.crt file and friendly name, which is the same as website url and "Personal" storage for certificate.

You should have your certificate in IIS, now you need to export it in order to import for Azure website later.

Provide password for your *.pfx file.

Finally it's time to upload your certificate to Microsoft Azure website. Navigate to your website configuration and find "certificates" section, press "upload certificate" button.

Provide your *.pfx file which you just created on IIS and password which you used to encrypt that file.

Now certificate is uploaded to Azure, we are almost done. The good thing about GoDaddy, they provide you two domain name for this certificate, one with www another without www. It's a huge benefit comparing to different companies, who doing only one domain, so you have to pay extra if you want www domain included.

The final step is SSL binding, you need to let Azure know what certificate should be used for your domain. Just go to "ssl binding" section of your website configuration, choose your domain name and certificate which you just uploaded. The type of binding which I usually use is "SNI SSL", it's free and works in all modern browsers, but if you need to support very old browsers, you can choose IP based binding, which will cost you extra.

That is it, now your azure domain should work just fine with https prefix and certificate information should be valid.

And you should see green lock in chrome browser.



Comments

Social media

Search

Latest Tweets