New-AzureRmWebAppSSLBinding
Creates an SSL certificate binding for an Azure Web App.
Warning
The AzureRM PowerShell module has been officially deprecated as of February 29, 2024. Users are advised to migrate from AzureRM to the Az PowerShell module to ensure continued support and updates.
Although the AzureRM module may still function, it's no longer maintained or supported, placing any continued use at the user's discretion and risk. Please refer to our migration resources for guidance on transitioning to the Az module.
Syntax
New-AzureRmWebAppSSLBinding
[-ResourceGroupName] <String>
[-WebAppName] <String>
[[-Slot] <String>]
[-Name] <String>
[[-SslState] <SslState>]
[-CertificateFilePath] <String>
[-CertificatePassword] <String>
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>]
New-AzureRmWebAppSSLBinding
[-ResourceGroupName] <String>
[-WebAppName] <String>
[[-Slot] <String>]
[-Name] <String>
[[-SslState] <SslState>]
[-Thumbprint] <String>
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>]
New-AzureRmWebAppSSLBinding
[-WebApp] <PSSite>
[-Name] <String>
[[-SslState] <SslState>]
[-CertificateFilePath] <String>
[-CertificatePassword] <String>
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>]
New-AzureRmWebAppSSLBinding
[-WebApp] <PSSite>
[-Name] <String>
[[-SslState] <SslState>]
[-Thumbprint] <String>
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>]
Description
The New-AzureRmWebAppSSLBinding cmdlet creates a Secure Socket Layer (SSL) certificate binding for an Azure Web App. The cmdlet creates an SSL binding in two ways:
- You can bind a Web App to an existing certificate.
- You can upload a new certificate and then bind the Web App to this new certificate. Regardless of which approach you use, the certificate and the Web App must be associated with the same Azure resource group. If you have a Web App in Resource Group A and you want to bind that Web App to a certificate in Resource Group B, the only way to do that is to upload a copy of the certificate to Resource Group A. If you upload a new certificate, keep in mind the following requirements for an Azure SSL certificate:
- The certificate must contain a private key.
- The certificate must use the Personal Information Exchange (PFX) format.
- The certificate's subject name must match the domain used to access the Web App.
- The certificate must use a minimum of 2048-bit encryption.
Examples
Example 1: Bind a certificate to a Web App
PS C:\>New-AzureRmWebAppSSLBinding -ResourceGroupName "ContosoResourceGroup" -WebAppName "ContosoWebApp" -Thumbprint "E3A38EBA60CAA1C162785A2E1C44A15AD450199C3" -Name "www.contoso.com"
This command binds an existing Azure certificate (a certificate with the Thumbprint E3A38EBA60CAA1C162785A2E1C44A15AD450199C3) to the web app named ContosoWebApp.
Parameters
-CertificateFilePath
Specifies the file path for the certificate to be uploaded. The CertificateFilePath parameter is only required if the certificate has not yet been uploaded to Azure.
Type: | String |
Position: | 4 |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CertificatePassword
Specifies the decryption password for the certificate.
Type: | String |
Position: | 5 |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with azure.
Type: | IAzureContextContainer |
Aliases: | AzureRmContext, AzureCredential |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Name
Specifies the name of the Web App.
Type: | String |
Position: | 3 |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ResourceGroupName
Specifies the name of the resource group that the certificate is assigned to. You cannot use the ResourceGroupName parameter and the WebApp parameter in the same command.
Type: | String |
Position: | 0 |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Slot
Specifies the name of the Web App deployment slot. You can use the Get-AzureRMWebAppSlot cmdlet to get a slot. Deployment slots provide a way for you to stage and validate web apps without those apps being accessible over the Internet. Typically you will deploy your changes to a staging site, validate those changes, and then deploy to the production (Internet-accessible) site.
Type: | String |
Position: | 2 |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-SslState
Specifies whether the certificate is enabled. Set the SSLState parameter to 1 to enable the certificate, or set SSLState to 0 to disable the certificate.
Type: | Nullable<T>[SslState] |
Accepted values: | Disabled, SniEnabled, IpBasedEnabled |
Position: | 4 |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Thumbprint
Specifies the unique identifier for the certificate.
Type: | String |
Position: | 6 |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-WebApp
Specifies a Web App. To get a Web App, use the Get-AzureRmWebApp cmdlet. You cannot use the WebApp parameter in the same command as the ResourceGroupName parameter and/or the WebAppName.
Type: | PSSite |
Position: | 0 |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-WebAppName
Specifies the name of the Web App for which the new SSL binding is being created. You cannot use the WebAppName parameter and the WebApp parameter in the same command.
Type: | String |
Position: | 1 |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Inputs
Parameters: WebApp (ByValue)