This workload allows for the automatic creation, installation and renewal of a SSL/TLS certificate for Azure Virtual Machines using :
- Create the SSL/TLS certificate in the RCL Portal by using either the :
- The SAN option allow for two domains (wild card + naked domain, eg: *.contoso.com, contoso.com) on the certificate, whereas, the other option only allows one domain on the certificate.
- After creation, the certificate is automatically imported to Azure Key Vault
- Check for the certificate name and version in Azure Key Vault
Application Gateway supports TLS termination at the gateway, after which traffic typically flows unencrypted to the backend servers or virtual machines.
- Learn about : TLS Termination with Application Gateway
- Learn about : Virtual Machines with Application Gateway
After creating and installing the SSL/TLS certificate in Azure Key Vault using the RCL portal, follow the instructions in the link below to configure TLS termination with the Key Vault certificate and Application Gateway V2 :
- Configure TLS termination with Key Vault certificates and Application Gateway V2
SSL/TLS Certificates will expire within 90 days. Follow these instructions to automatically renew the certificate.
- Use the RCL AutoRenew Function to automatically renew certificates
- The certificates will be automatically renewed , imported to Key Vault and the TLS termination with Application gateway will be updated without any user interaction being required