naviocean · March 7, 2023 09:12
diff --git a/readme.rmd b/readme.rmd
 ##How to make SSL work on Microsoft Azure

 ##### Microsoft Azure requires a password-protected PFX file (containing the public key for your domain including any and all intermediate CA certs) in order to support HTTPS (TLS - SSL) support on your Azure hosted websites. Here's how to get it working with certificates from GeoTrust / RapidSSL (and others too probably).

 __1) Create CSR__

 Create a CSR-file and private key with OpenSSL and upload it to your CA:
 ```
 openssl req -new -nodes -keyout yourprivatekey.key -out server.csr -newkey rsa:2048
 ```


 __2) Get CA Bundle__

 When you recieve an SSL certificate from RapidSSL you will have your private key (.key) and your public certificate (.crt) - and a CA Bundle.cer or RSA SHA-1 Intermediate CA.cer or similar as well. If not, you can download the CA Bundle and intermediate CA from the RapidSSL support site. 


 __3) Download PKCS7__

 Trash the public certificate .crt file you've just recieved from RapidSSL and instead go to the RapidSSL User Portal and download your certificate as PKCS7 instead (.p7s). The PKCS7 contains all the required certificates.


 __4) Convert P7S to PFX__

 All you have to do now is to convert your .p7s certificate to PFX and sign it with the CA Bundle from RApidSSL. Here's the magic code: (executed from cmd.exe with admin privileges):
 ```
 openssl pkcs7 -print_certs -in www_yourserver_com.p7s -out www_yourserver_com.cer
 ```
 ```
 openssl pkcs12 -export -in www_yourserver_com.cer -inkey _yourprivatekey_.key -out final-pfx.pfx -certfile CAbundle.cer
 ```

 Remember to sign the PFX with a password as you cannot have blank passwords on Azure!


 __5) Upload to Azure__

 Now you can upload the generated .pfx to your Azure Dashboard and use it as a custom domain on your Azure hosted websites and apps.

 Enjoy. :)
	##How to make SSL work on Microsoft Azure

	##### Microsoft Azure requires a password-protected PFX file (containing the public key for your domain including any and all intermediate CA certs) in order to support HTTPS (TLS - SSL) support on your Azure hosted websites. Here's how to get it working with certificates from GeoTrust / RapidSSL (and others too probably).

	__1) Create CSR__

	Create a CSR-file and private key with OpenSSL and upload it to your CA:
	```
	openssl req -new -nodes -keyout yourprivatekey.key -out server.csr -newkey rsa:2048
	```


	__2) Get CA Bundle__

	When you recieve an SSL certificate from RapidSSL you will have your private key (.key) and your public certificate (.crt) - and a CA Bundle.cer or RSA SHA-1 Intermediate CA.cer or similar as well. If not, you can download the CA Bundle and intermediate CA from the RapidSSL support site.


	__3) Download PKCS7__

	Trash the public certificate .crt file you've just recieved from RapidSSL and instead go to the RapidSSL User Portal and download your certificate as PKCS7 instead (.p7s). The PKCS7 contains all the required certificates.


	__4) Convert P7S to PFX__

	All you have to do now is to convert your .p7s certificate to PFX and sign it with the CA Bundle from RApidSSL. Here's the magic code: (executed from cmd.exe with admin privileges):
	```
	openssl pkcs7 -print_certs -in www_yourserver_com.p7s -out www_yourserver_com.cer
	```
	```
	openssl pkcs12 -export -in www_yourserver_com.cer -inkey _yourprivatekey_.key -out final-pfx.pfx -certfile CAbundle.cer
	```

	Remember to sign the PFX with a password as you cannot have blank passwords on Azure!


	__5) Upload to Azure__

	Now you can upload the generated .pfx to your Azure Dashboard and use it as a custom domain on your Azure hosted websites and apps.

	Enjoy. :)