This document guides you through the process of configuring a custom domain name and securing it with an SSL certificate for your Azure App Service.
Azure App Service allows you to host your web applications on a custom domain name (e.g., www.yourcompany.com) instead of the default .azurewebsites.net domain. Furthermore, you can secure this custom domain with an SSL/TLS certificate to enable HTTPS, which is crucial for security and user trust.
Navigate to your App Service in the Azure portal.
In the left-hand menu, under Settings, select Custom domains.
Click Add custom domain.
Enter your custom domain name (e.g., www.yourcompany.com) and click Validate.
Azure will provide you with DNS records (TXT or CNAME) that you need to add to your domain registrar's DNS settings to prove ownership of the domain.
Log in to your domain registrar's website and navigate to the DNS management section.
Add the DNS records provided by Azure. Typically, this involves creating:
asuid.yoursubdomain pointing to a specific value).Example DNS Configuration (for `www.yourcompany.com`):
| Type | Host/Name | Value/Target | TTL |
|---|---|---|---|
| TXT | asuid.www |
{verification_id_from_azure} |
3600 |
| CNAME | www |
your-app-service-name.azurewebsites.net |
3600 |
Note: DNS propagation can take some time (minutes to hours). You may need to wait before Azure can validate the records.
Once DNS records have propagated, return to the Custom domains section in the Azure portal and click Validate again.
If validation is successful, you will see a Add custom domain button. Click it to bind the domain to your App Service.
Securing your custom domain with SSL is essential. Azure App Service supports two primary methods:
This is the recommended and easiest method for most scenarios.
In the Azure portal, navigate to your App Service, and go to Custom domains.
Find your custom domain in the list. If it's already validated, you will see an option to Add binding or Create certificate.
Click on your custom domain name to open its details.
Click Add binding.
In the SSL certificate section, select Create App Service Managed Certificate.
Click Create.
Once the certificate is created, a new binding will be automatically added. You can then configure your app to redirect HTTP traffic to HTTPS.
You will need a PFX file containing your SSL certificate and its private key.
In the Azure portal, navigate to your App Service, and go to TLS/SSL settings.
Under Private Key Certificates (.pfx), click Upload Certificate.
Browse for your .pfx file, enter its password, and click Upload.
Once uploaded, navigate back to Custom domains.
Click on your custom domain name to open its details.
Click Add binding.
In the SSL certificate section, select the certificate you just uploaded from the dropdown list.
Choose the SSL Type (e.g., SNI SSL is common and often sufficient).
Click Add binding.
After successfully configuring your custom domain and SSL certificate, it's recommended to enforce HTTPS for all traffic.
Navigate to your App Service in the Azure portal.
Under Settings, select TLS/SSL settings.
Under Protocol Settings, set HTTPS Only to On.
whatsmydns.net to check if your DNS records have propagated globally.For more advanced scenarios, such as using wildcard certificates or Key Vault integration, please refer to the official Azure documentation.
View Official Azure Documentation