Reputation: 832
Azure APIM custom domain SSL let's encrypt
I want to create a SSL certificate for a custom domain I owned and I then need to use this certificate with an Azure APIM instance. I found the steps to assign a custom domain in APIM but I missed 2 pre-requisities: - The SSL certificat that needs to be uploaded first to a key vault --> I'm looking for the how to guid to use let's encrypt to generate this certificate - The DNS configuration that is required for APIM (only a CNAME?)
Upvotes: 1
Views: 660
Answers (1)
Reputation: 6647
There are quite a few ways/tools that you can use to generate SSL certificates using Let's Encrypt.
acme.sh is a personal favorite which is bash compatible and supports DNS-01 challenges with lots of providers (Azure DNS is one of them).
Once you generate the cert (you can find them under ~/.acme.sh/), convert it to .pfx using this command
openssl pkcs12 -export -out domain.name.pfx -inkey domain.name.key -in domain.name.crt
Now you could either upload this file to Key Vault and reference it in APIM or directly upload it as well.
Note that LE certs expire in 90 days which acme.sh renews every 60 days and can be done manually as well.
Also, you will have to convert and reupload the new certs into Key Vault as well
As for the DNS entry, yes, you just need a CNAME record.
Upvotes: 1
Related Questions
- Failed to setup Custom Domain for APIM using PowerShell script
- C# Azure Management REST API - Bind Certificate to App Service Custom Domain
- Use wildcard certificate in Azure Api Managment
- API Management Service Custom Domain Certificate
- How do I create certificates in Azure for a custom domain?
- How to use Let's Encrypt with Azure's API Management
- Binding Azure App managed SSL to custom domains throgh REST API
- Azure API management - custom domain specific APIs?
- Azure CDN - Custom Domain SSL via Resource Management API
- Add custom domain for customer in azure web app and add let's encript certificate automatically