- Details
- Written by Azure Tech Guy
We see CAA records more and since CAs are now obligated to check for CAA records when issuing SSL certificates. With this comes the question - How to create a CAA record in Azure DNS? Because it's not currently on the dropdown when selecting the type of DNS record.
What is CAA record?
The Certification Authority Authorization (CAA) DNS Resource Record allows a DNS domain name holder to specify one or more Certification Authorities (CAs) authorized to issue certificates for that domain. CAA Resource Records allow a public Certification Authority to implement additional controls to reduce the risk of unintended certificate mis-issue. It's a really good security measure which gives you control over SSL issuence under your domain. Basically, you set the CAA record which tells which CAs can issue a certificate for your domain. You need to list them.
You can find a list of CA names and domains here - https://sslmate.com/caa/
CloudFlare questions related to CAA answered here - https://support.cloudflare.com/hc/en-us/articles/115000310832-Certification-Authority-Authorization-CAA-FAQ
Add a comment- Details
- Written by Azure Tech Guy
Here is how you can copy files from one Azure Storage account to another. Simple scenario for this is if you want to move entirely from one Storage account to another. In my case I was running for quite some time on a Gen1 Blob-only storage account and now i want to be on the new modern Gen2 general purpose storage account.
Requirements
- Acces to source and destination storage accounts
Preparations
We want to move the data securely and quickly so the best choice is just by using Azure CLI, the AzCopy commands and SAS tokens to authenticate the requests.
Go to your source Azure Storage account and go to Shared access signature blade
Add a commentRead more: How to copy files from one Azure Storage account to another
- Details
- Written by Azure Tech Guy
The default App Service domain xxx.azurewebsites.net cannot be changed or removed. It is there to stay. If you don't want users to access it, your option is to redirect the azurewebsites.net requests to your custom domain.
If your Web App is running on Windows then you can achieve this with a web.config placed in the wwwroot directory.
Table of Contents
Redirect azurewebsites.net
There place the following code under <configuration>/<system.webServer>/<rewrite>/<rules>. Change the CAPITALZED webappname and custom domain below with your own values.
<rule name="Redirect azurewebsites.net to Custom Domain" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTP_HOST}" pattern="^(.*?)\.azurewebsites\.net$" />
</conditions>
<action type="Redirect" url="https://CUSTOMDOMAIN.COM/{R:0}" appendQueryString="true" redirectType="Permanent" />
</rule>
Add a comment
- Details
- Written by Azure Tech Guy
If you want free SSL certficiate for your App Service - App Service Managed Certificate is finally here. Secure custom domains for your web apps with App Service Managed Certificates.
Let's first talk about limitaions
Requirements & Limitations
- Currently in Preview (might have some bugs, although no bugs reported yet)
- Only works for sub-domains. Naked (Apex) domains are not supported for now
- Can only be provisioned if an active CNAME is directly pointed to your webappname.azurewebsites domain (Live migrate DNS with awverify will not work)
- Needs existing "Custom Domain" entry for the domain
- Requires Basic or above App Service plan
- Cannot be exported
- Cannot be wilcard (*.domain.com)
Page 2 of 4