If you want to change the DNS in Azure App Service Web App, this article will show you how. First, let's say that by default App Service is using Azure DNS servers for name resolution.

They are invisible to us in the PaaS environment and we can't really influence them in any way. So if we want any custom DNS scenarios, we have a way of changing this "Default" ( DNS Server.

Azure DNS

Ok, let's move on to actually changing the DNS Server.

Add a comment

Azure App Service Certificate is a SSL certificate purchased from Azure. It comes with many benefits and easy integrations with other Azure resources. The certificates are issued by GoDaddy's Certificate API in partnership with Azure.

You will see ASC be used a lot for substitute for App Service Certificate in this article

App Service Certificate

Table of Contents

Add a comment

Apart from securing your web apps there is another reason why you would use applicatoin gateway (WAF tier) in an ILB ASE. You can expose your web app to the internet. 

This is direct followup from the previous article about creating the ILB ASE itself - https://www.azuretechguy.com/ilb-ase-new

To integrate our ILB ASE with an WAF tier App Gateway we will be following this guide loosely because it is kind of old and screenshots are no longer relevant (as of now) but it gives good insight on how to achieve this

Table of Contents:


  • ILB ASE with at least 1 App Service plan and 1 Web App
  • Public Internet domain and access to its DNS
Add a comment

Deploying an ILB App Service Environment

Microsoft recently changed the ILB deployment in a big way. You can no longer specify your own domain name for your ILB ASE, you will now be using the appserviceenvironment.net domain by default. The reason for this change is actually a great one. No more having to deal with the ILB Certificate. Yes, by using the default appserviceenvironment.net domain, Microsoft will be taking care of the SSL certificate. 

So let's summarize what changed:

  • ILB ASE now uses the domain appserviceenvironment.net by default
  • appserviceenvironment.net is still not a public domain and you need to take care of the DNS for it
  • No need to provision the ILB Certificate, will be taken care of by Microsoft by default
  • Using Custom Domains on Web Apps inside the ILB ASE will be on per Web App base, just like outside of the ASE. Remember that the DNS for these custom domains is still in your hands and within local DNS inside the VNET
  • KUDU will now only be usable using the appserviceenvironment.net domain, a.k.a webappname.scm.asename.appserviceenvironment.net

So we will be deploying an ILB ASE and do the initial configuration

Let's start!

Table of Contents:

Add a comment