In this post, I will show you how to get free SSL from Comodo for your personal Azure website.
Appsolultly, you can found so many articles about the SSL for Azure website on the internet. So In this post, I just want to show you the alternative way to get a free SSL from Comodo using window Internet Information Service (IIS). You may ask a question Why IIS and What’s related? Actually, I’m a lazy developer and prefer to use some tool instead of command line.
Before starting with SSL generation, just highlight that the custom SSL is for the custom domain only. Please check here if your Azure website doesn’t have a custom domain yet.
Note that, if you want to apply the SSL for the Production environment you should buy an SSL certificate that suits to your company. The free Certificate just for the testing purpose should be used for development environment only.
In the below steps, I will use my drunkcoding.net domain for the demonstration.
I. Generate CSR
- Open IIS and go to Server Certificate
- Click Create Certificate Request fill up your domain information in the pop-up window. By default, the cryptographic service provider will be Microsoft RSA SChannel Cryptographic Provider and Bit Length should be greater than or equals 2048.
- Save the CSR request into a text file.
- Go to Comodo website and paste the contain of CSR file into the first textbox and select the Microsoft IIS 7.x and later in the second one then click next.
- In the Domain Control Validation part 1 select HTTP CSR Hash in the Alternative Methods of Domain Control Validation. You shall have 2 hash values names MD5 and SHA-1 at the end of this section.
- Create a text file with the name is MD5 value and contain is SHA-1 value and then comodoca.com in a separate line as the screenshot below.
- Upload the file into the wwwroot folder of your Azure website. You also can use the Kudo tool of Azure website to create a text file on the host directly.
- Click next and fill up all the require fields and finished the validation.
- After then, you can use registered account to log in and download your the certificate. It may take 2 minutes to generate your SSL.
II. Conver .crt to .pfx
After download and unzipped the certificate file you will have a folder with 4 .crt files. Now go back to the IIS and click Complete Certificate Request and provides required info into the popup window as below:
- Filename is the location path of yourdomain.crt
- Friendly name is your domain name
- Certificate store is Web Hosting
Now, you shall have a certificate in the Server Certificate. Right-click on it and select export, specify the pfx file path and password then click ok to export the certificate back to the pfx file because Azure website only allows importing the pfx file.
III. Upload and Binding SSL to custom domain on Azure website
Open your website on the Azure portal and go to SSL Certificate setting upload your certificate and add a binding to the corresponding domain.
Now, open your website with https and verify the Secure flag on your browser.
The free SSL certificate will valid in 3 months. So just remember to renew your certificate every 90 days.
If you would like to have an auto re-new SSL Sertificate function on your website then the post here will help you on that.