.Net, Azure

Integrating SSL to Azure Websites

freessl

So after very very long I have finally got some time to share something. Today I will share how to integrate SSL with Azure Website; trust me it can be a bit of pain to get this working specially if you are quite new to this. So in this article I will explain it with all pictures; which I feel is the best way to explain or learn.

So to try this two things is a must.

  • You should have a registered domain. Do not use *.azurewebsites.net for registering SSL since almighty Microsoft provides the SSL support for azurewebsites.net domain. So if you are planning to use *azurewebsites.net then you do not need to have a seperate SSL certificate.
  • The SSL Provider we are going to use here i.e RapidSSL send a mail to the domain administrator mail id which is actually a set of email id’s which RapidSSL support. Here is the list of all supported email id’s (admin@yourdomain.com,administrator@yourdomain.com,
    hostmaster@yourdomain.com,webmaster@yourdomain.com,
    postmaster@yourdomain.com)

Ok Lets get started not.

First go to the URL www.freessl.com and click on TRY button to try with freessl or you are quite sure to buy it then just buy. I will use the free version which is valid for 1month.

Now on clicking on the TRY button you will get series of forms to be filled for which I have attached the screenshots.

freessl_pop1

freessl_pop2

freessl_csr

Now this is the point we need to generate the CSR (Certificate Signing Request). We can do it using IIS Manager or OpenSSL as well. But lets use IIS though we would openssl in later stage but for this purpose lets use IIS Manager.

So press start in windows OS and then type IIS; and you will get IIS Manager. If you do not find it then go to Control Panel -> Program Features -> Turn windows features on or off.

So if you find the IIS manager then you just follow these snapshots

iis_open_feature

iis_create_cert_dialog1

iis_create_cert_dialog2

iis_create_cert_dialog3

Now after you have save this file. Open this file in the Notepad and copy the content and paste it to the freessl website ; here

freessl_csr

Now after pressing the submit you follow these

freessl_continue1

freessl_continue2

freessl_continue_domain_approver

freessl_orderno

After this you should get a mail on the Domain email id you have selected after clicking the link provided on that you should get your CSR to the registered email address. And if you look at the end of the mail you will see the Web Server certificate. Copy that and save it as myserver.crt. Now right click on this file and press install certificate.

Now we need to generate the .pfx file which is needed to be uploaded to the azure. So lets do that.

First lets get the private key; which we get from teh CSR request we made

On the start serach mmc.exe then File -> Add/Remove SnapIn; select Certificates and then Local Computer.

Now go to folder level Personal -> Certificates and you should find the certificate www.whynotme.com.

Click on next and select yes then again next and select to PKCS #12. and then the location of the file and save it as file name privatekey.pfx

Now we need to generate a .pfx file which is password protected and accepted by Azure website. So lets use OpenSSL to generate this.

We need 3 files for this

  1. Private Key file
  2. Web Server Cert from RapidSSL
  3. Intermediate or Chain Cert as bundle which you can get it here and save it as Intermediate.pem

Now we have the private key as .pfx file but we need .key file to generate the final .pfx file. So lets extract the .key file from privatekey.pfx.

You can get the Open SSL installer from here. INstall it in C:\openssl drive with all its binaries. Open command prompt and type the following

set OPENSSL_CONF=c:\OpenSSL-Win64\bin\openssl.cfg

And to generate the .key file

C:\>.\OpenSSL-Win64\bin\openssl.exe pkcs12 -in privatekey.pfx -nocerts -out privatekey.pem

C:\>.\OpenSSL-Win64\bin\openssl.exe rsa -in privatekey.pem -out private.key

Now we have all the files lets generate the final .pfx file which should be uploded to Azure by just running the following command

C:\>.\OpenSSL-Win64\bin\openssl.exe pkcs12 -export -out whynotme_ssl.pfx -inkey private.key -in myserver.crt -certfile intermediate.pem

So the final file which should be uploaded is whynotme_ssl.pfx

Go to your azure website -> Configure; search for Upload Certificate.

ssluploadcert

ssluploaddlg

In the ssl bindings section of the CONFIGURE tab, use the dropdowns to select the domain name to secure with SSL, and the certificate to use. You may also select whether to use Server Name Indication (SNI) or IP based SSL.

sslbindings

  • IP based SSL associates a certificate with a domain name by mapping the dedicated public IP address of the server to the domain name. This requires each domain name (contoso.com, fabricam.com, etc.) associated with your service to have a dedicated IP address. This is the traditional method of associating SSL certificates with a web server.
  • SNI based SSL is an extension to SSL and Transport Layer Security (TLS) that allows multiple domains to share the same IP address, with separate security certificates for each domain. Most modern browsers (including Internet Explorer, Chrome, Firefox and Opera) support SNI, however older browsers may not support SNI. For more information on SNI, see the Server Name Indication article on Wikipedia

Click Save to save the changes and enable SSL.

Thats it. Now try https://yourdomain.com

Hope it works for you as it worked for me. Please leave a comment good or bad or improvements all are appreciated.

Reference : Enable HTTPS for an Azure web site

Cloud technology

First ever Windows Azure Conference in India

WinAzure2

This post is all about my experience at India’s first ever Windows Azure conference. This event was on March 20th and 21st 2014 at Bangalore. This event was to showcase the power of mighty Windows Azure to Developers, IT Professionals, Business Decision Maker, and Service Providers.

Microsoft India has been excellent in conducting this event.

From the day I have heard about Windows Azure I have been soo fascinated with this technology, but I confess that I know only bits of it; this subject is huge by huge I mean really huge. It has soo many features and details hidden to it. BTW this small website of mine is also powered by Windows Azure.

Microsoft like to call Windows Azure as the Cloud OS. Well it is.

So my journey to this conference starts with the registration which I came accross on twitter, I did no long to get registered even I forgot to take permission about this to my boss. I was like I will attend this no matter what happens.

But I was lucky to have got the permission from my boss Jan Mattson to go for this event, even though I had a Sprint planning meeting on the same day.

wac_start

The event was divided into basically two main parts Develop and Deploy + Manage; I went for Develop module.
The event started with the key note by Mr. Bhaskar Pramanik, Chairman of Microsoft India. It was very very interesting to hear him. He showed soo very cool statisctics of Windows Azure. Here is the image of it:

azure_stats

Some interesting fact which mentioned were:
1. Over 1000 new customers sign up for Azure everyday.
2. 55% of the Fortune 500 use WIndows Azure.
3. Azure Revenue Growing 200% +

Wow that sounds very cool and promising.

Then there was the expected key not by the new CEO of Microsoft Mr. Satya Nadela.

satya_speech

He has been talking mostly about the future of Cloud and Mobile. So Microsoft is a cloud first company.

But after that comes the CIO of Fortis Hospital who speaks about their partnership with Azure. Yes Fortis uses Azure. Nice real case example of a big organization using Azure.

Then the events get started with Azure Website. They have shown some basic ways how website can be deployed to Azure quickly. Some of the ways they have been showing were:
1. FTP
2. Thru Visual Studio
3. Thru GIT
4. Thru DropBox
5. Thru TFS

In my coming posts I will try to cover these and show some examples on how to do it.

Now the next event was all about Mobile Services provided by Azure. This event was actually in my personal opinion was not planned very well. It had lots of glitches in between. But it was about the services like
1. Push notifications
2. Publishing app with diff platform support etc

To be frank I did not understand much with this event I would rather  read the documentation and learn by myself.

Next event was about Windows Azure Media services.

azure_media_services
They talked about the Live streaming of SOCHI Olympics which was hosted by Windows Azure.

They also talked about various media formats supported by Azure and how the streaming can be smooth by Smooth streaming technology.

Next we had lunch time; ok the food was good (it was free) but then they made us stand under hot sun which was still ok since its free hahaha..

Now the next event was about SQL Azure; well what to say I am not an SQL guy so this was a kind of bad choice of me sitting for this event. But what I liked in that event was how to take the backup of the database using SQL Server Management Studio. But the event was very theoritical and less hand on but still it was good nothing to share about lets move on.

This was the last event Windows Azure Websites Deep Dive.. aah very nice and informative event. They showed some cool stuffs like
1. Kudu Console
2. Remote debugging of Azure website
3. Visual Studio Online
4. Web Jobs
5. Zapier.com (very cool website)

Overall very very informative I liked this session the most.

Above topics are huge and lots of details in themselves. I will talk about these as seperate posts soon 🙂

That’s the end of the first day. Soo much I have learnt from it. Saw so many bright minds on this event got inspired by them to great extent. Very happy to be part of this event

Second day I could not join since taking two days leave from office work was not feasible.

What I get from this? Lots of knowledge which you will see in the coming posts of mine and this very cool Windows Azure Pendrive

azure_pendrive