Adding SSL to our Azure Node app

— 4 minute read

permalink

So far, we had some cool introductions to Azure, exploring the following topics.

In this article, we will learn how to bind an SSL to our custom domain in the Azure App.

Having an SSL on a domain is very important. Most browsers are even blocking non-secure websites, so it's a no-go not to have a SSL.

Note: Like the custom domain, this is not available on the free tier!

SSL Options permalink

There are quite a few options when it comes to adding an SSL to a domain.

The simplest way you can go is by buying an SSL from an authority like Comodo, or your domain provider.

For me, I'm going with a free alternative 💸.

We can go for Let's Encrypt, but it's a bit difficult to get that working on Azure, so in our instance, we are using ZeroSSL.

Getting our SSL from ZeroSSL permalink

Let's start by getting our actual certificate from ZeroSSL. Visit the Zero SSL website and fill out your domain in the header section.

ZeroSSL step 1

We can then create a free account.

ZeroSSL free registration

In the following section, we can finalise the details for our SSL certificate. In the first section, we select the 90-day option since that's free.

We do have to re-enter every 90 days (us cheapskates)

ZeroSSL options

In step two, we check the option to generate the CSR automatically. We don't want to do this ourselves.

ZeroSSL auto CSR

In step three, we select the free option.

ZeroSSL free SSL

In the next step, we select our verification method. For me, using the DNS option is the quickest way, so I'm choosing that one.

ZeroSSL verification

Verifying the SSL via CNAME permalink

At this point, we need to go to our domain registrar (Netlify for me) and visit our DNS section.

Add a new DNS record that will have the following setup.

  • Type: CNAME
  • Name: What ZeroSSL gave you
  • Value: The value ZeroSSL provided you
  • TTL: 3600 or less

DNS Settings

Once we added this, head back to ZeroSSL and click "Verify Domain".

You can then download the default ZIP from here.

ZeroSSL Download SSL Certificate

Adding the SSL to our Azure App Service permalink

Now that we have our SSL, we can go ahead and add it to our Azure App Service.

Go to your App Service in Azure and click the "Custom Domains" option.

Azure Custom domain section

If you do not already have a custom domain, view this article on adding an Azure custom domain.

We can then click on the "Add Binding" option. A side-draw will open up.

Azure SSL Binding

As you can see, in the above screenshot, it's asking for a PFX Certificate. We did not receive that from ZeroSSL, so we need to convert our existing certificate.

Visit SSL Shopper Converted and upload the received documents. As output, you can choose PFX.

We need to provide the following details:

  • Certificate file: certificate.crt
  • Private key file: private.key
  • Chain certificate file: ca_bundle.crt
  • Type of current certificate: Standard PEM
  • Type to convert to: PFX/PKCS#12
  • PFX Password: {Whateveryouwant}

You must use a password to make it valid for Azure.

SSL Converter

Now head back to Azure and click Upload PFX Certificate.

Choose the PFX certificate and password you used above.

Azure SSL PFX

Be aware; It might take some time before it's valid (5-10 minutes)

On the next step, select the options from the dropdown.

Azure SSL Options

Now, if we click Finish, we have a secure domain!

Azure Secure domain

And if we visit our secure domain, we can inspect our certificate to see it works.

Chrome inspect SSL Certificate

Thank you for reading, and let's connect! permalink

Thank you for reading my blog. Feel free to subscribe to my email newsletter and connect on Facebook or Twitter