Creating certificates in the Azure Portal
This document follows the walkthrough guide available on the Azure Portal and some additional steps to add the certificate on the Azure VM
- Tutorial: Use TLS/SSL certificates to secure a web server
- Adding SSL/TLS certificates for Apache and NGINX on Azure Virtual Machines
Creating a self signed certificate
Following the instructions in Link 1, these commands were executed from the Azure Terminal available on the portal.
keyvault_name=orsanco-flows-kv
az keyvault certificate create --vault-name $keyvault_name --name orsanco-flows-cert --policy "$(az keyvault certificate get-default-policy)"
secret=$(az keyvault secret list-versions --vault-name $keyvault_name --name orsanco-flows-cert --query "[?attributes.enabled].id" --output tsv)
vm_secret=$(az vm secret format --secrets "$secret" -g myResourceGroupSecureWeb --keyvault $keyvault_name)
az vm secret add --certificate orsanco-flows-cert --keyvault orsanco-flows-kv --name orsanco-flows --resource-group orsanco-flows
az vm open-port --resource-group orsanco-flows --name orsanco-flows --port 443
Adding the certificate on the VM
The instructions from Link 2 were followed to add the certificate on the VM.
These commands were added to the NGINX configuration so that the SSL certificate could take it's effect.
riverflows
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
ssl_certificate /etc/ssl/certs/<serverCert>.pem;
ssl_certificate_key /etc/ssl/private/<yourKey>.key;