Dienstag, 24. Juli 2012 13:42
Required solution: Resolve all variations of the domain URL to https://www.foo.com.
- We have a website hosted on azure at https://foo.cloudapp.net/.
- In our website code we redirect all HTTP requests to HTTPS (via a URL rewrite).
- We have registered www.foo.com with Go Daddy, bought an SSL certificate, and installed on Azure.
- In the Go Daddy DNS manager we have set up a CNAME for "www" and pointed it to foo.cloudapp.net.
- Still at Go Daddy we set up a re-direct for the root domain (http://foo.com) to point to https://www.foo.com.
So at present the following are all resolving fine:
- http://foo.com (Re-directed by Go Daddy)
- https://www.foo.com (Picked up by the CNAME record)
- http://www.foo.com (Picked up by the CNAME record, re-directed via URL rewrite)
We are unable to resolve https://foo.com (i.e. the root domain over SSL).
This is because the request goes to the Go Daddy servers and they have no SSL bindings, and the request fails.
We could stop the Go Daddy redirect, add an A record to the Azure IP address and the problem is solved. But Azure IP addresses are not fixed so that is not possible.
The only solution that seems possible to me is to host our own re-direction service. But that seems to defeat the whole purpose of Azure as a solution for IT hardware.
How do we get around this?
- Bearbeitet Noel Abrahams Dienstag, 24. Juli 2012 13:43
Dienstag, 24. Juli 2012 14:24
"We could stop the Go Daddy redirect, add an A record to the Azure IP address and the problem is solved. But Azure IP addresses are not fixed so that is not possible."
The IP for a Windows Azure is retained until you delete the deployment. As long as you do not delete the deployment setting the A record is a viable option.
See https://www.windowsazure.com/en-us/develop/net/common-tasks/custom-dns/ for more information.
Don Glover: AzureDocGuy
- Als Antwort markiert Noel Abrahams Mittwoch, 25. Juli 2012 09:13
Mittwoch, 25. Juli 2012 09:12
Hi, Don, we had looked at setting the VIP as an option, but just avoided that as most of the docs/blogs seem to discourage that option. Even the link in your response says "CNAME or Alias record (preferred)". (Clearly the CNAME option should read "for non-SSL use only".)
However, having looked at it in a bit more depth, the VIP option doesn't look too bad, for as you say, the VIP is preserved so long as the deployment is not deleted. Also from the link:
"Conveniently, the IP address of a given deployment slot (production or staging) is persisted when using the two upgrade mechanisms in Windows Azure: VIP swaps and in-place upgrades."
So that should work for us.
Thanks for your help!