In the series of articles about ARM template, we will learn to create a template to secure a custom domain with SSL.

Via the Azure portal you can create an SSL binding with Azure App Service. When selecting SSL certificates in an App Service then Add binding, you can bind a custom domain with a certificate.

Today we will discover how to manage this operation via an Azure Resource Manager template. Our ARM template will be created in a new Azure Resource Group deployment project in Visual Studio.

 

Creation

Let's declare the parameters of the ARM template:

{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "websiteName": {
      "type": "string"
    },
    "websiteCustomDomainName": {
      "type": "string"
    },
    "certificateThumbprint": {
      "type": "string"
    }
  }
  ...
}

 

Now we will declare the resources of the ARM template:

{
  ...
  "resources": [
    {
      "apiVersion": "2015-08-01",
      "name": "[parameters('websiteName')]",
      "type": "Microsoft.Web/sites",
      "location": "[resourceGroup().location]",
      "properties": {
        "hostNameSslStates": [
          {
            "name": "[parameters('websiteCustomDomainName')]",
            "sslState": "SniEnabled",
            "thumbprint": "[parameters('certificateThumbprint')]",
            "toUpdate": true
          }
        ]
      }
    }
  ]
  ...
}

We can pay attention to several things here:

 

Example of use

The ARM template is now ready, let's open a Windows PowerShell and try it:

.\Deploy-AzureResourceGroup.ps1 -ResourceGroupName 'MyResourceGroupName' -ResourceGroupLocation 'canadaeast' -TemplateFile '.\azuredeploy.json'

...

Resource Microsoft.Web/sites 'myappname' provisioning status is succeeded

If everything goes well, you should see the same kind of message as above.

 

To go further

To be able to perform the binding operation you first need to add the custom domain name to the app as seen in a previous article. If the custom domain is not added first you'll get the following error message:

Resource Microsoft.Web/sites 'myappname' failed with message 'Hostname 'mycustomdomain.com' does not exist'.

 

 

Summary

We have seen how to create an ARM template that will create an SSL binding to an app custom domain in Azure App Service.

 

You can download the example solution here:

Download full sources

Or

Browse the GitHub repository

 

Please feel free to comment or contact me if you have any question about this article.

Add a comment

(Will not be published)

Back to articles