Custom Domain Name - Azure

Publish the URL on a domain you own yourself

Azure CDN delivers content on the endpoint URL https://{NAME}.azureedge.net, but you could create a custom domain name instead so you maintain branding for your website.

To do this, you must create an alias (CNAME) DNS record in the public DNS service that will map from your domain to the Microsoft domain.

My domain is hosted by a 3rd party but for DNS I use the Azure name servers so I can manage the DNS records in Azure DNS.

Terraform

The following Terraform IaC will create:

  • CDN Endpoint Custom Domain
    • Name: azure-resume
    • CDN Endpoint ID: azurerm_cdn_endpoint.this.id
    • Hostname: ${azurerm_dns_cname_record.this.name}.${data.azurerm_dns_zone.this.name}
    • Certificate type: Dedicated
    • Protocol type: ServerNameIndication
    • TLS: TLS 1.2

Terraform IaC
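
The resources listed above, written out as an added example (not the author's own Terraform). It assumes `azurerm_cdn_endpoint.this` is defined elsewhere in the same configuration, as the list references it; the two variable names are hypothetical.

```hcl
# Added example. Variable names are assumptions, not taken from the page.
variable "dns_zone_name" {
  description = "Public DNS zone hosted in Azure DNS (the {domain_name} used on this page)"
  type        = string
}

variable "dns_resource_group_name" {
  description = "Resource group that contains the Azure DNS zone"
  type        = string
}

# Existing zone; the domain's NS records must already be the Azure name servers.
data "azurerm_dns_zone" "this" {
  name                = var.dns_zone_name
  resource_group_name = var.dns_resource_group_name
}

# azure-resume.{domain_name} -> {cdn_endpoint_name}.azureedge.net
resource "azurerm_dns_cname_record" "this" {
  name                = "azure-resume"
  zone_name           = data.azurerm_dns_zone.this.name
  resource_group_name = data.azurerm_dns_zone.this.resource_group_name
  ttl                 = 3600
  record              = azurerm_cdn_endpoint.this.fqdn # endpoint assumed to be defined elsewhere
}

resource "azurerm_cdn_endpoint_custom_domain" "this" {
  name            = "azure-resume"
  cdn_endpoint_id = azurerm_cdn_endpoint.this.id

  # Building the hostname from the CNAME resource gives Terraform an implicit
  # dependency, so the record exists before Azure validates the domain.
  host_name = "${azurerm_dns_cname_record.this.name}.${data.azurerm_dns_zone.this.name}"

  # CDN-managed certificate with the settings listed above.
  cdn_managed_https {
    certificate_type = "Dedicated"
    protocol_type    = "ServerNameIndication"
    tls_version      = "TLS12"
  }
}
```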

Setup Azure DNS

Your personal domain name should be set up in Azure DNS, with its nameservers set to the Azure ones. That is, if you use a DNS checking site to look up the NS records for your domain name, the Azure name servers will be returned. You can then create custom DNS records directly in Azure DNS for the custom domain settings on the Azure CDN profile.

Create a CNAME record

You need to create a CNAME record in your Azure DNS zone for azure-resume.{domain_name} that points to your CDN endpoint {cdn_endpoint_name}.azureedge.net. This is a necessary step before Azure CDN can recognize and use your custom domain.

  1. Navigate to Your DNS Zone in Azure DNS
  2. Add a CNAME Record
    • Inside your DNS zone, find and click on “Record set”.
    • Click “+ Record set”.
    • In the “Add record set” panel, fill in the details:
      • Name: Enter azure-resume (this is the subdomain part of azure-resume.{domain_name}).
      • Type: Select “CNAME”.
      • Alias record set: Ensure it’s set to “No”.
      • TTL: Enter a suitable TTL (Time-To-Live), like 3600 seconds.
      • CNAME: Enter {cdn_endpoint_name}.azureedge.net as the value.
  3. Click “OK” to create the record.

Verify the CNAME record

You may find errors or delays at this point if the DNS record you created has not yet propagated to the DNS servers on the Internet. You can check the status using this brilliant site, which checks the global DNS service for whichever record you enter.

whatsmydns.net

Add a custom domain to the Azure CDN endpoint

  1. Inside the CDN endpoint, find and click on “Custom domains”.
  2. Click “+ Custom domain”.
  3. Enter your subdomain (e.g., azure-resume.{domain_name}).

Azure will validate the domain. If DNS changes haven’t propagated, it might fail. Wait and retry if necessary.

Certificate (SSL)

If you connect to the Azure CDN endpoint using a custom domain name over HTTPS, your browser will give you an error because there is no SSL certificate associated with the custom domain name. You need to generate an SSL certificate that matches the custom domain name so it can be used to enable proper HTTPS connectivity to the website.


You can choose to use your own SSL certificate or allow Microsoft to create one in partnership with DigiCert. The effect is the same, it’s just up to you if you want to manage the certificate renewal and storage yourself or offload that as a managed service. I chose to use Microsoft as at the time of writing it is free of charge.

In the Azure portal, browse to the Azure CDN endpoint and, under Settings, select Custom domains. Click the newly created custom domain, then switch on Custom Domain HTTPS. Choose whether you want managed or self-managed certificates, and downgrade the TLS if required. A workflow will now start which could take 12-24 hours in total to complete. Each step is described below.

  1. Submitting request: could take up to 10 minutes and is automatic.
  2. Domain validation: if your custom domain is mapped in the DNS system to the Azure CDN endpoint, then Microsoft will use this data to validate your ownership and thus your right to create a certificate. If this is not the case, you will receive an email from Microsoft asking you to perform some domain ownership validation steps. This process could take a few hours to complete.
  3. Certificate provisioning: when your domain is validated, DigiCert, the certificate provider, will generate the certificate itself. This could take 6 hours.
  4. Complete: when the new certificate is complete, it will be assigned to your CDN profile, and your custom domain name will now have a valid SSL certificate and allow HTTPS access to your site.


Last modified July 21, 2024: update (e2ae86c)