Geek Answers Handbook

Azure Cloud Service configuration for multiple SSL certificates

I created an MVC3 project and connected the Azure Cloud Service for deployment to Azure Web Role. I created two .cscfg files for PRODUCTION and TEST. The two services have different SSL certificates with different fingerprints - which are configured in the corresponding .cscfg files. In my role, I configured the https endpoint and selected the correct configuration parameter for the SSL certificate name.

Problem. Visual Studio will not publish to Azure web roles unless all .cscfg files contain the exact same SSL fingerprint. If I have different fingerprints for the certificate in the .cscfg files (for PRODUCTION AND TEST), he refuses to publish, saying that:

Error: certificate: "SSLCert with Thumbprint: for role: XXXXX was not uploaded to the cloud service: XXXXX

How to configure to provide separate SSL certificates?

+4
source share
3 answers

I would like to say that this is a known issue with the Windows Azure SDK and is currently working. I do not have any specific details about the availability of patches and I can not comment on this.

You already have a manual workaround, but if you want to solve a problem in the toolbox, you can convert the CSDEF / CSCFG configuration files during the build phase, as described below:

http://blogs.msdn.com/b/philliphoff/archive/2012/07/02/transform-windows-azure-service-model-files-during-packaging.aspx

After converting your configuration file, you can still use the same build / publish steps, and you do not need to manually publish.

+2
source

I just implemented this with Igorek's answer to my question here . Not as strong as msbuild, but easier to implement.

The solution is to create a .csdef file that matches each service configuration. Then, during the pre-build phase of your Azure project, you will copy the correct .csdef file from the main .csdef file. These custom .csdef files can be added to your solution, but you must do this manually using a text editor.

Each of my .csdef configuration files has SSL in my test and production certificate, but the endpoint definition is configured to use the correct one for the configuration. This is necessary because Visual Studio will complain about the certificates specified in your .cscfg files that are not in the .csdef file. This means that you need to upload both SSL certificates for both test and production services on the Azure portal, but after the deployment is completed, the correct certificate will be used.

+2
source

The simple solution I use is to create two separate cloud projects in my solution. I put them in a folder called Manual Deployment

When I want to publish to production using a production certificate, I publish a cloud project that has the correct settings in the configuration files. Same thing for QA. I even made a separate cloud project to test local developers. Cloud projects are easy to do, you simply link the actual webrole project to each of the cloud projects, and you are in business.

0
source

More articles:


All Articles