@leketch , Thanks for posting this question!
Firstly, hosting a website on an Azure Virtual Machine (IAAS) is typically the same as you would deploy on-prem.
You would typically install, design and configure (/secure custom domain) the website in the same fashion.
[Deploy a VM, Provision the Website, Open appropriate ports in NSG, Add and secure a custom domain, Access the site securely]
You could purchase an App Service certificate-
- A private certificate that's managed by Azure. It combines the simplicity of automated certificate management and the flexibility of renewal and export options.
App Service Certificate can be used on an Azure VM.
Kindly take a look at the steps outlined in this doc - Configure App Service Certificate to Azure Virtual machines
(it describes steps for IIS web server, similar steps hold good, other web server as well).
Also, please check these docs for the process:
Tutorial: Use TLS/SSL certificates to secure a web server
Additionally:
See create a PHP web app in Azure App Service -other website hosting option on Azure.
If you any further questions on this topic, please let us know.