在动态创建的Web应用程序服务中添加SSL绑定自定义域

Question

我已经使用REST API创建了一个Azure Web应用程序。我想将SSL证书添加到我的Web应用程序。我的Web应用程序是使用Azure API动态创建的。因此，在创建Web应用程序时，还希望为每个Web应用程序绑定SSL。可以使用rest api自定义域SSL绑定吗？

我正在使用通配符SSL。

Answer 1

  

是否可以使用rest api来自定义域SSL绑定？

是，您可以使用rest api将现有SSL绑定添加到Azure Web应用。

Url: https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Web/sites/{snapshotName}?api-version={api-version}

Method: PUT

Parameter:
subscriptionId  The identifier of your subscription where the snapshot is being created.
resourceGroup   The name of the resource group that will contain the snapshot.
WebappName    The name of the WebappName. 
api-version The version of the API to use.

Request content:
{
  "properties": {
    "HostNameSslStates": [ 
      {
        "SslState": "the SSL state",
        "ToUpdate": "True",
       "Thumbprint": "The Thumbprint of the certificate, you could find it in the portal",
        "Name": "yourwebsitename"
      }
    ]
},
  "kind": "app",
  "location": "yourlocation",
  "tags": {
    "hidden-related:/subscriptions/{subscriptionId}/resourcegroups/{resourceGroup}/providers/Microsoft.Web/serverfarms/{yourserviceplan}": "empty"
  }
}

更多详细信息，您可以参考以下C＃代码：

首先，在本地计算机上创建一个Josn.txt来存储将要设置的属性：

{
  "properties": {
    "HostNameSslStates": [ 
      {
        "SslState": "1",
        "ToUpdate": "True",
        "Thumbprint": "BE58B05C5CADE03628D0D58B369D0DA6F535B0FA",
        "Name": "example.com"  //your custom domain
      }
    ]
},
  "kind": "app",
  "location": "East Asia",
  "tags": {
    "hidden-related:/subscriptions/xxxxxxxxxxxxxxxx/resourcegroups/xxxxxxxxxxxxx/providers/Microsoft.Web/serverfarms/BrandoTestServicePlan": "empty"
  }
}

C＃代码：

string body = File.ReadAllText(@"D:\json.txt");
// Display the file contents to the console. Variable text is a string.
string tenantId = "xxxxxxxxxxxxxxxxxxxxxxxxx";
string clientId = "xxxxxxxxxxxxxxxxxxxxxxxxxxx";
string clientSecret = "xxxxxxxxxxxxxxxxxxxxxxxxx";
string subscriptionid = "xxxxxxxxxxxxxxxxxxxxxxxxxx";
string resourcegroup = "xxxx";
string appname = "Yourwebapp";
string version = "2018-02-01";

string authContextURL = "https://login.windows.net/" + tenantId;
var authenticationContext = new AuthenticationContext(authContextURL);
var credential = new ClientCredential(clientId, clientSecret);
var result = authenticationContext.AcquireTokenAsync(resource: "https://management.azure.com/", clientCredential: credential).Result;

if (result == null)
{
    throw new InvalidOperationException("Failed to obtain the JWT token");
}
string token = result.AccessToken;

HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(string.Format("https://management.azure.com/subscriptions/{0}/resourceGroups/{1}/providers/Microsoft.Web/sites/{2}?api-version={3}", subscriptionid, resourcegroup, appname, version));
request.Method = "PUT";
request.Headers["Authorization"] = "Bearer " + token;
request.ContentType = "application/json";
try
{
    using (var streamWriter = new StreamWriter(request.GetRequestStream()))
    {
        streamWriter.Write(body);
    }
}
catch (Exception ex)
{
    Console.WriteLine(ex.Message);
}
// Get the response
var httpResponse = (HttpWebResponse)request.GetResponse();
using (var streamReader = new StreamReader(httpResponse.GetResponseStream()))
{
    Console.WriteLine(streamReader.ReadToEnd());
}

输出：

有关更多详细信息，您可以参考此article。

正如Jayendran所说，顺便说一句，您也可以不通过REST API使用C＃代码。您可以参考此issue。

await azure
        .WebApps
        .Inner
        .CreateOrUpdateHostNameBindingWithHttpMessagesAsync(
            resourceGroupName, 
            webAppName, 
            domain,
            new HostNameBindingInner(
                azureResourceType: AzureResourceType.Website,
                hostNameType: HostNameType.Verified,
                customHostNameDnsRecordType: CustomHostNameDnsRecordType.CName,
                sslState: SslState.SniEnabled,
                thumbprint: thumbprint));

希望它对您有帮助。