If you are looking for a resource that describes installing an SSL certificate on a Windows Azure Web Site, check here

There are multiple modes currently supported on the Windows Azure Web Site platform:

  • SNI base SSL – This is a new feature in IIS 8+ (SNI) that extends the ability for multiple security certificates to be bound to multiple HOSTNAMEs on a server with a single IP and PORT.  (modern browsers support this SSL mode)
  • IP based SSL – The traditional binding of a certificate to a unique IP and PORT on a server

For some further information on how to implement both, please look here.

In some cases you might want to prevent users from accessing your website using anything other than HTTPS.  To achieve this, add the following code, illustrated in Listing 1, to your web.config file.

Listing 1, Prevent HTTP connectivity to you Windows Azure Web Site, allow HTTPS only


<system.webServer>
  <rewrite>
    <rules>
      <rule name="Redirect to https">
        <match url="(.*)"/>
        <conditions>
          <add input="{HTTPS}" pattern="Off"/>
          <add input=”{REQUEST_METHOD}” pattern=”^get$|^head$” />
        </conditions>
        <action type="Redirect" url="https://{HTTP_HOST}/{R:1}"/>
      </rule>
    </rules>
  </rewrite>
</system.webServer>

Once added, deploy the web.config file to your Windows Azure Web Site and requests to HTTP are redirected to HTTPS using this URL Rewrite rule.  That is how you would prevent HTTP traffic onto you Windows Azure Web Site.

Note: the configuration shown in Listing 1 contains a condition base on the request method.  For example, GET and HEAD.  In this case only requests using those verbs will be redirected to HTTPS, if, for example, POST is used, the rule would not be executed as the conditions would not be meet.

UPDATE 17-JAN-2014

Here is an article concerning the support and installation of intermediate certificates on windows Azure Web Sites.