New-​Azure​Rm​Web​App​SS​LBinding

Creates an SSL certificate binding for an Azure Web App.

Syntax

New-AzureRmWebAppSSLBinding
   [-ResourceGroupName] <String>
   [-WebAppName] <String>
   [[-Slot] <String>]
   [-Name] <String>
   [[-SslState] <SslState>]
   [-Thumbprint] <String>
   [<CommonParameters>]
New-AzureRmWebAppSSLBinding
   [-ResourceGroupName] <String>
   [-WebAppName] <String>
   [[-Slot] <String>]
   [-Name] <String>
   [[-SslState] <SslState>]
   [-CertificateFilePath] <String>
   [-CertificatePassword] <String>
   [<CommonParameters>]
New-AzureRmWebAppSSLBinding
   [-WebApp] <Site>
   [-Name] <String>
   [[-SslState] <SslState>]
   [-Thumbprint] <String>
   [<CommonParameters>]
New-AzureRmWebAppSSLBinding
   [-WebApp] <Site>
   [-Name] <String>
   [[-SslState] <SslState>]
   [-CertificateFilePath] <String>
   [-CertificatePassword] <String>
   [<CommonParameters>]

Description

The New-AzureRmWebAppSSLBinding cmdlet creates a Secure Socket Layer (SSL) certificate binding for an Azure Web App. The cmdlet creates an SSL binding in two ways:

- You can bind a Web App to an existing certificate.

  • You can upload a new certificate and then bind the Web App to this new certificate.

    Regardless of which approach you use, the certificate and the Web App must be associated with the same Azure resource group. If you have a Web App in Resource Group A and you want to bind that Web App to a certificate in Resource Group B, the only way to do that is to upload a copy of the certificate to Resource Group A.

    If you upload a new certificate, keep in mind the following requirements for an Azure SSL certificate:

    - The certificate must contain a private key.
  • The certificate must use the Personal Information Exchange (PFX) format.
  • The certificate's subject name must match the domain used to access the Web App.
  • The certificate must use a minimum of 2048-bit encryption.

Examples

Example 1: Bind a certificate to a Web App

PS C:\>New-AzureRmWebAppSSLBinding -ResourceGroupName "ContosoResourceGroup" -WebAppName "ContosoWebApp" -Thumbprint "E3A38EBA60CAA1C162785A2E1C44A15AD450199C3" -Name "www.contoso.com" -CertificatePassword "p@ssw0rd"

This command binds an existing Azure certificate (a certificate with the Thumbprint E3A38EBA60CAA1C162785A2E1C44A15AD450199C3) to the web app named ContosoWebApp.

Example 2: Upload a certificate and bind it to a Web App

PS C:\>New-AzureRmWebAppSSLBinding -ResourceGroupName "ContosoResourceGroup" -WebAppName "ContosoWebApp" -Thumbprint "E3A38EBA60CAA1C162785A2E1C44A15AD450199C3" -Name "www.contoso.com" -CertificatePassword "p@ssw0rd" -CertificateFilePath "C:\Certificates\ContosoWebSite.pfx"

Example 2 also binds the certificate E3A38EBA60CAA1C162785A2E1C44A15AD450199C3 to the Web App named ContosoWebApp. In this case, however, the certificate has not yet been uploaded to Azure. Because of that, the CertificateFilePath parameter is used to specify the local copy of the certificate .PFX file. This certificate will be uploaded to Azure and then the new SSL bindings will be created.

Required Parameters

-CertificateFilePath

Specifies the file path for the certificate to be uploaded.The CertificateFilePath parameter is only required if the certificate has not yet been uploaded to Azure.

Type:String
Position:4
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-CertificatePassword

Specifies the decryption password for the certificate.

Type:String
Position:5
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Name

Specifies the name of the Web App.

Type:String
Position:3
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-ResourceGroupName

Specifies the name of the resource group that the certificate is assigned to.You cannot use the ResourceGroupName parameter and the WebApp parameter in the same command.

Type:String
Position:0
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Thumbprint

Specifies the unique identifier for the certificate.

Type:String
Position:6
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-WebApp

Specifies a Web App. To get a Web App, use the Get-AzureRmWebApp cmdlet.You cannot use the WebApp parameter in the same command as the ResourceGroupName parameter and/or the WebAppName.

Type:Site
Position:0
Default value:None
Accept pipeline input:True (ByValue)
Accept wildcard characters:False
-WebAppName

Specifies the name of the Web App for which the new SSL binding is being created.You cannot use the WebAppName parameter and the WebApp parameter in the same command.

Type:String
Position:1
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

Optional Parameters

-Slot

Specifies the name of the Web App deployment slot. You can use the Get-AzureRMWebAppSlot cmdlet to get a slot.Deployment slots provide a way for you to stage and validate web apps without those apps being accessible over the Internet. Typically you will deploy your changes to a staging site, validate those changes, and then deploy to the production (Internet-accessible) site.

Type:String
Position:2
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-SslState

Specifies whether the certificate is enabled. Set the SSLState parameter to 1 to enable the certificate, or set SSLState to 0 to disable the certificate.

Type:SslState
Position:4
Default value:None
Accept pipeline input:False
Accept wildcard characters:False