Configuring free HTTPS(TLS/SSL) certificates on Azure App Service

3 min readJul 12, 2020

In November 2019 Microsoft announced at Ignite 2019, we can now enable HTTPS for our own domains for free on Azure App Service (preview).

Azure App Service is an HTTP-based service for hosting web applications, REST APIs, mobile back ends, Docker images.

TLS/SSL is a mandatory NFR checklist when going to production. Using a third-party certificate usually has the downside of managing certificate, rotation, renewal process, etc. You can also buy App Service Certificates from Azure, which have more features than the free offering but do cost money ($$$). Of course, we have things like Let’s Encrypt which is free but it comes with the overhead of certificate management, rotation, integration with Azure, etc. So, having a managed certificate is certainly a nice feature.

Pre-requisites

1. WebApp provisioned in Azure portal with App Service Plan of Basic and above (free and shared tiers are not supported)
2. Custom Domain already exists

Enabling a free SSL certificate for the web app

Custom Domain configurations

Turn on “HTTPS Only” option
Click on “Add Custom Domain” where you will be providing custom domain information and submit the details

Add SSL binding as shown below if you are seeing SSL state as not secure for the assigned custom domain name. After updating the binding it shows SSL state as secure.

2. TLS/SSL configurations

3. Now if we navigate back to the overview tab of App Service, we should be seeing the updated Url which comprises of the custom domain which we added in the above step.