Azure Cloud Service configuration for multiple SSL certificates

StackOverflow https://stackoverflow.com/questions/11549741

  •  21-06-2021
  •  | 
  •  

Question

I created a MVC3 project and attached an Azure Cloud Service for deployment to an Azure Web Role. I created two .cscfg files for PRODUCTION and TEST. These two services have different SSL certificates with different thumbprints - which are set up in the appropriate .cscfg files. In my role I set up an https endpoint and selected the correct config setting for the SSL Certificate Name.

The problem -- Visual Studio will not publish to the web role on Azure unless all .cscfg files contain the exact same SSL thumbprint. If I have different thumbprints for the Certificate in the .cscfg files (for PRODUCTION and TEST) it refuses to publish saying that:

Error: Certificate: ‘SSLCert’ with Thumbprint: for Role: XXXXX has not been uploaded to the cloud service: XXXXX

How do I set up the configuration to allow for separate SSL certificates?

Was it helpful?

Solution

I would like to say that is a known issue with Windows Azure SDK and currently being worked on. I do not have any specific details about the fix availability and can not comment on this regard.

Above you already have some workaround to manually publish the package however if you want to still solve your problem within the toolset, you can transform the CSDEF/CSCFG configuration files during the build step as described below:

http://blogs.msdn.com/b/philliphoff/archive/2012/07/02/transform-windows-azure-service-model-files-during-packaging.aspx

Once you transform your config file, you can still use the same build/publish steps and you don't require manual publishing.

OTHER TIPS

I just implemented this using Igorek's answer to my question here. Not as powerful as msbuild transforms, but easier to implement.

The solution is to create a .csdef file corresponding to each service configuration. Then, in a pre-build step on your Azure project, you copy the correct .csdef file over the main .csdef file. These custom .csdef files can be added to your solution, but you have to do it manually with a text editor.

Each of my config-specific .csdef files has both my test and production SSL certificate in it, but the endpoint definition is set up to use the correct one for the configuration. This is required because Visual Studio will complain about certificates referenced in your .cscfg files missing from your .csdef file. This means you have to upload both SSL certificates to both your test and production services on the Azure portal, but the correct certificate will be used after the deploy is completed.

The simple solution that I use is to create two separate cloud projects in my solution. I put them in a folder called "Manual Deploy"

When I want to publish to production using the production certificate, I publish the cloud project that has the proper setup in the config files. Same for QA. I even made a separate cloud project for local dev testing. The cloud projects are easy to make, you just associate the actual webrole project to each of the cloud projects and you are in business.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top