Articles in Root

Impementing SSL in the Windows Azure Platform


First you must obtain a PKCS#12 file.  This is a file that contains both the public and private key of a certificate in a single file.  The recommended way of creating this is using Internet Information Services.

IIS 5 or IIS 6


Exporting to *.pfx


Create an application in Visual Studio for the Windows Azure Platform.
Note: You may need to install the SSL Certificate at the local user level in order for Visual Studio to recognize it in the properties dialog.

Assigning The Certificate To Your Application

In Solution Explorer, expand the Roles node in your project, double-click the MyTodo.WebUx role to open its properties window, and then switch to the Certificates tab in Visual Studio.
Click on Add Certificate at the top.  Provide a friendly name for the certificate.
Select your SSL certificate from the list and click on OK.  Chose LocalMachine as the store location.

Assigning Your Application An Endpoint

In the MyTodo.WebUx [Role], click on the Endpoints tab on the left in Visual Studio.
Click on Add Endpoint at the top.
Add an Endpoint and select the HTTPS checkbox.  Enter in the port 443 and select your SSL certificate from the drop down menu.

Installing Your SSL Certificate Into the Azure

Log into Windows Azure Platform at
Click on the Hosted Services, Storage Accounts & CDN link in the lower left pane.
Click on the Hosted Services node on the upper part of the left pane and then select Certificates (located under the MyToDo Service.
Click on the Add Certificate button at the top in the ribbon.
Click on the Browse ... button and navigate to your pfx file.
In the Password field, enter in the password that was set when exporting the certificate.
You will see that your certificate has been loaded in the Certificates folder.

Publish and deploy your application to the Windows Azure Platform using your preferred method.  Once it is deployed, start it and wait for the status to be Ready.

Navigate to your application.

Creating A CNAME

When you access your application, it will redirect to the Windows Azure Platform URL in the cloud.  This will cause a mismatch error in your certificate.  In order to get around this, you must create a CNAME entry that matches your SSL Certificate Common Name to the Windows Azure Platform URL.