Share via


Mapping a custom subdomain to an Azure Website

This article has been moved to its new home here: https://benperk.github.io/waws/2014/2014-10-mapping-a-custom-subdomain-to-an-azure-website.html

Mapping a custom domain name to your Azure Web App (Website) is based around a very important principle.  The principle being that you need to add a CNAME with a HOST = awverify.  This is how we confirm that you are indeed the owner of this domain.  If you have access to the DNS file configuration, I think it is a safe bet that you own or are responsible for the domain.

In the case of a sub domain, however, there is one small difference I have seen which needs some guidance or explanation.  Instead of the HOST = awverify CNAME that maps to your Azure Website, you need a CNAME for the subdomain and a HOST entry like awverify.subdomain.  Note, if you are mapping both the WWW and a subdomain, you need the HOST = awverify.

For example, I want to map subdomain https://is.benjamin.cool to my Azure Web App called https://reserved.azurewebsites.net. 

First, I added a CNAME for my “IS” sub domain via my DNS hosting providers’ management console, as shown in Figure 1.

Figure 1, generic CNAME record for a sub domain

After I save the changes and the DNS data propagates, accessing the sub domain results in a 404.  I have written about how to fix this here, but it is caused by the non-existent link between my custom domain and my Azure Web App on the Azure platform.

If I were to access the Azure Management Platform and attempt to add the link now, I would get the error illustrated in Figure 2.

Figure 2, Cannot add sub-domain, subdomain to my Azure Web App

There is sometimes a little confusion about the wording of the message.  It is my understanding that when you are adding a custom domain that has WWW, then you need only the CNAME = www.yourcustomdomainname.com that points to your Azure Web App (Website).  However, if you are wanting to map a naked domain or a subdomain to an Azure Web App you will need both, the CNAME that contains the subdomain, plus the AWVERIFY record.

Once I added the AWVERIFY record via my DNS provider console, as illustrated in Figure 3, I was able to map the subdomain to my Azure Web App, see Figure 4, and requests to my subdomain rendered as expected.

Figure 3, configuring an AWVERIFY subdomain CNAME for binding to an Azure Web App

Figure 4, binding the custom subdomain to an Azure Web App, last step

See the list of articles below for information about that and how to map other types of custom domains to your Azure Web App (Website).

  • Mapping a subdomain to an Azure Web App (Website), here
  • Mapping a naked domain to an Azure Web App (Website), here
  • Mapping a custom domain to a Traffic Manager domain, here
  • Mapping a custom domain that includes a special character, here
  • Mapping a wildcard domain to an Azure Web App, here

Comments

  • Anonymous
    April 05, 2015
    Hi Benjamin, Is it possible to do this programmatically? What if I want paying customers to automatically have a sub-domain configured as does Wordpress? Can I do this on the Azure platform? Thanks.

  • Anonymous
    June 03, 2015
    Thanks for your post Ben! I have about 5 mapping for my domains and azure website and it works great. But now I have custom case when I have domain which runs not in azure and I need to map only one subdomain to azure. A have added CNAME also with awverify and without and it didn't work. Azure always ask me to add CNAME a have already add. What should I do?

  • Anonymous
    August 06, 2015
    The comment has been removed

  • Anonymous
    October 17, 2015
    I can still read all the blurred out text, including that IP address..

  • Anonymous
    October 26, 2015
    The comment has been removed

  • Anonymous
    March 07, 2016
    DubaStep may not realize that the server hosting the application may also be hosting applications from other users as well. If this verification was not in place, a malicious user could match their domain name to another app they know is hosted in their same data center. And if the code under the hood for setting up Bindings is the same in Azure as a typical Windows server, then the last binding assigned replaces previous ones for the same domain name, essentially hijacking traffic to their application instead of the owner of that domain.

  • Anonymous
    March 26, 2016
    Thanks for clarifying this. If what you say is true, there a mistake in Azure documentation and its error message. It doesn't say you have to include the subdomain in the target too. For example, the error message says it can't find awverify.subdomain.reserved.com pointing to awverify.reserved.azurewebsites.net whereas as per your article, it should be pointing to awverify.subdomain.reserved.azurewebsites.net. I wasted many hours on this before finding this article.