Custom Domains - Enable Custom Https
Enable https delivery of the custom domain.
POST https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Cdn/profiles/{profileName}/endpoints/{endpointName}/customDomains/{customDomainName}/enableCustomHttps?api-version=2025-04-15URI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
|
custom
|
path | True |
string |
Name of the custom domain within an endpoint. |
|
endpoint
|
path | True |
string |
Name of the endpoint under the profile which is unique globally. |
|
profile
|
path | True |
string |
Name of the CDN profile which is unique within the resource group. |
|
resource
|
path | True |
string minLength: 1maxLength: 90 |
The name of the resource group. The name is case insensitive. |
|
subscription
|
path | True |
string (uuid) |
The ID of the target subscription. The value must be an UUID. |
|
api-version
|
query | True |
string minLength: 1 |
The API version to use for this operation. |
Request Body
The request body can be one of the following:
| Name | Description |
|---|---|
|
Cdn |
Defines the certificate source parameters using CDN managed certificate for enabling SSL. |
|
User |
Defines the certificate source parameters using user's keyvault certificate for enabling SSL. |
CdnManagedHttpsParameters
Defines the certificate source parameters using CDN managed certificate for enabling SSL.
| Name | Required | Type | Description |
|---|---|---|---|
| certificateSource | True |
string:
Cdn |
Defines the source of the SSL certificate. |
| certificateSourceParameters | True |
Defines the certificate source parameters using CDN managed certificate for enabling SSL. |
|
| protocolType | True |
Defines the TLS extension protocol that is used for secure delivery. |
|
| minimumTlsVersion |
TLS protocol version that will be used for Https |
UserManagedHttpsParameters
Defines the certificate source parameters using user's keyvault certificate for enabling SSL.
| Name | Required | Type | Description |
|---|---|---|---|
| certificateSource | True |
string:
Azure |
Defines the source of the SSL certificate. |
| certificateSourceParameters | True |
Defines the certificate source parameters using user's keyvault certificate for enabling SSL. |
|
| protocolType | True |
Defines the TLS extension protocol that is used for secure delivery. |
|
| minimumTlsVersion |
TLS protocol version that will be used for Https |
Responses
| Name | Type | Description |
|---|---|---|
| 200 OK |
OK. The request has succeeded. |
|
| 202 Accepted |
Accepted and the operation will complete asynchronously. Headers location: string |
|
| Other Status Codes |
CDN error response describing why the operation failed. |
Security
azure_auth
Azure Active Directory OAuth2 Flow.
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Name | Description |
|---|---|
| user_impersonation | impersonate your user account |
Examples
|
Custom |
|
Custom |
CustomDomains_EnableCustomHttpsUsingCDNManagedCertificate
Sample request
POST https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/RG/providers/Microsoft.Cdn/profiles/profile1/endpoints/endpoint1/customDomains/www-someDomain-net/enableCustomHttps?api-version=2025-04-15
Sample response
{
"name": "www-someDomain-net",
"id": "/subscriptions/subid/resourcegroups/RG/providers/Microsoft.Cdn/profiles/profile1/endpoints/endpoint1/customdomains/www-someDomain-net",
"type": "Microsoft.Cdn/profiles/endpoints/customdomains",
"properties": {
"provisioningState": "Succeeded",
"resourceState": "Active",
"hostName": "www.someDomain.net",
"customHttpsProvisioningState": "Enabled",
"customHttpsProvisioningSubstate": "CertificateDeployed",
"validationData": "validationdata"
}
}azure-asyncoperation: https://management.azure.com/subscriptions/subid/resourcegroups/resourceGroupName/providers/Microsoft.Cdn/operationresults/operationId?api-version=2025-04-15{
"name": "www-someDomain-net",
"id": "/subscriptions/subid/resourcegroups/RG/providers/Microsoft.Cdn/profiles/profile1/endpoints/endpoint1/customdomains/www-someDomain-net",
"type": "Microsoft.Cdn/profiles/endpoints/customdomains",
"properties": {
"provisioningState": "Succeeded",
"resourceState": "Active",
"hostName": "www.someDomain.net",
"customHttpsProvisioningState": "Enabling",
"customHttpsProvisioningSubstate": "PendingDomainControlValidationREquestApproval",
"validationData": "validationdata"
}
}CustomDomains_EnableCustomHttpsUsingYourOwnCertificate
Sample request
POST https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/RG/providers/Microsoft.Cdn/profiles/profile1/endpoints/endpoint1/customDomains/www-someDomain-net/enableCustomHttps?api-version=2025-04-15
Sample response
{
"name": "www-someDomain-net",
"id": "/subscriptions/subid/resourcegroups/RG/providers/Microsoft.Cdn/profiles/profile1/endpoints/endpoint1/customdomains/www-someDomain-net",
"type": "Microsoft.Cdn/profiles/endpoints/customdomains",
"properties": {
"provisioningState": "Succeeded",
"resourceState": "Active",
"hostName": "www.someDomain.net",
"customHttpsProvisioningState": "Enabled",
"customHttpsProvisioningSubstate": "CertificateDeployed",
"validationData": "validationdata"
}
}azure-asyncoperation: https://management.azure.com/subscriptions/subid/resourcegroups/resourceGroupName/providers/Microsoft.Cdn/operationresults/operationId?api-version=2025-04-15{
"name": "www-someDomain-net",
"id": "/subscriptions/subid/resourcegroups/RG/providers/Microsoft.Cdn/profiles/profile1/endpoints/endpoint1/customdomains/www-someDomain-net",
"type": "Microsoft.Cdn/profiles/endpoints/customdomains",
"properties": {
"provisioningState": "Succeeded",
"resourceState": "Active",
"hostName": "www.someDomain.net",
"customHttpsProvisioningState": "Enabling",
"customHttpsProvisioningSubstate": "PendingDomainControlValidationREquestApproval",
"validationData": "validationdata"
}
}Definitions
| Name | Description |
|---|---|
|
Cdn |
Defines the parameters for using CDN managed certificate for securing custom domain. |
|
Cdn |
Defines the certificate source parameters using CDN managed certificate for enabling SSL. |
|
Certificate |
Type of certificate used |
|
created |
The type of identity that created the resource. |
|
Custom |
Friendly domain name mapping to the endpoint hostname that the customer provides for branding purposes, e.g. |
|
Custom |
Resource status of the custom domain. |
|
Custom |
Provisioning status of the custom domain. |
|
Custom |
Provisioning substate shows the progress of custom HTTPS enabling/disabling process step by step. |
|
Delete |
Describes the action that shall be taken when the certificate is removed from Key Vault. |
|
Error |
The resource management error additional info. |
|
Error |
The error detail. |
|
Error |
Error response |
|
Key |
Describes the parameters for using a user's KeyVault certificate for securing custom domain. |
|
Minimum |
TLS protocol version that will be used for Https |
|
Protocol |
Defines the TLS extension protocol that is used for secure delivery. |
|
system |
Metadata pertaining to creation and last modification of the resource. |
|
Update |
Describes the action that shall be taken when the certificate is updated in Key Vault. |
|
User |
Defines the certificate source parameters using user's keyvault certificate for enabling SSL. |
CdnCertificateSourceParameters
Defines the parameters for using CDN managed certificate for securing custom domain.
| Name | Type | Description |
|---|---|---|
| certificateType |
Type of certificate used |
|
| typeName | string: |
CdnManagedHttpsParameters
Defines the certificate source parameters using CDN managed certificate for enabling SSL.
| Name | Type | Description |
|---|---|---|
| certificateSource |
string:
Cdn |
Defines the source of the SSL certificate. |
| certificateSourceParameters |
Defines the certificate source parameters using CDN managed certificate for enabling SSL. |
|
| minimumTlsVersion |
TLS protocol version that will be used for Https |
|
| protocolType |
Defines the TLS extension protocol that is used for secure delivery. |
CertificateType
Type of certificate used
| Value | Description |
|---|---|
| Shared | |
| Dedicated |
createdByType
The type of identity that created the resource.
| Value | Description |
|---|---|
| User | |
| Application | |
| ManagedIdentity | |
| Key |
CustomDomain
Friendly domain name mapping to the endpoint hostname that the customer provides for branding purposes, e.g. www.contoso.com.
| Name | Type | Description |
|---|---|---|
| id |
string (arm-id) |
Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" |
| name |
string |
The name of the resource |
| properties.customHttpsParameters | CustomDomainHttpsParameters: |
Certificate parameters for securing custom HTTPS |
| properties.customHttpsProvisioningState |
Provisioning status of the custom domain. |
|
| properties.customHttpsProvisioningSubstate |
Provisioning substate shows the progress of custom HTTPS enabling/disabling process step by step. |
|
| properties.hostName |
string |
The host name of the custom domain. Must be a domain name. |
| properties.provisioningState |
Provisioning status of Custom Https of the custom domain. |
|
| properties.resourceState |
Resource status of the custom domain. |
|
| properties.validationData |
string |
Special validation or data may be required when delivering CDN to some regions due to local compliance reasons. E.g. ICP license number of a custom domain is required to deliver content in China. |
| systemData |
Azure Resource Manager metadata containing createdBy and modifiedBy information. |
|
| type |
string |
The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" |
CustomDomainResourceState
Resource status of the custom domain.
| Value | Description |
|---|---|
| Creating | |
| Active | |
| Deleting |
CustomHttpsProvisioningState
Provisioning status of the custom domain.
| Value | Description |
|---|---|
| Enabling | |
| Enabled | |
| Disabling | |
| Disabled | |
| Failed |
CustomHttpsProvisioningSubstate
Provisioning substate shows the progress of custom HTTPS enabling/disabling process step by step.
| Value | Description |
|---|---|
| SubmittingDomainControlValidationRequest | |
| PendingDomainControlValidationREquestApproval | |
| DomainControlValidationRequestApproved | |
| DomainControlValidationRequestRejected | |
| DomainControlValidationRequestTimedOut | |
| IssuingCertificate | |
| DeployingCertificate | |
| CertificateDeployed | |
| DeletingCertificate | |
| CertificateDeleted |
DeleteRule
Describes the action that shall be taken when the certificate is removed from Key Vault.
| Value | Description |
|---|---|
| NoAction |
ErrorAdditionalInfo
The resource management error additional info.
| Name | Type | Description |
|---|---|---|
| info |
object |
The additional info. |
| type |
string |
The additional info type. |
ErrorDetail
The error detail.
| Name | Type | Description |
|---|---|---|
| additionalInfo |
The error additional info. |
|
| code |
string |
The error code. |
| details |
The error details. |
|
| message |
string |
The error message. |
| target |
string |
The error target. |
ErrorResponse
Error response
| Name | Type | Description |
|---|---|---|
| error |
The error object. |
KeyVaultCertificateSourceParameters
Describes the parameters for using a user's KeyVault certificate for securing custom domain.
| Name | Type | Description |
|---|---|---|
| deleteRule |
Describes the action that shall be taken when the certificate is removed from Key Vault. |
|
| resourceGroupName |
string |
Resource group of the user's Key Vault containing the SSL certificate |
| secretName |
string |
The name of Key Vault Secret (representing the full certificate PFX) in Key Vault. |
| secretVersion |
string |
The version(GUID) of Key Vault Secret in Key Vault. |
| subscriptionId |
string |
Subscription Id of the user's Key Vault containing the SSL certificate |
| typeName | string: | |
| updateRule |
Describes the action that shall be taken when the certificate is updated in Key Vault. |
|
| vaultName |
string |
The name of the user's Key Vault containing the SSL certificate |
MinimumTlsVersion
TLS protocol version that will be used for Https
| Value | Description |
|---|---|
| None | |
| TLS10 | |
| TLS12 |
ProtocolType
Defines the TLS extension protocol that is used for secure delivery.
| Value | Description |
|---|---|
| ServerNameIndication | |
| IPBased |
systemData
Metadata pertaining to creation and last modification of the resource.
| Name | Type | Description |
|---|---|---|
| createdAt |
string (date-time) |
The timestamp of resource creation (UTC). |
| createdBy |
string |
The identity that created the resource. |
| createdByType |
The type of identity that created the resource. |
|
| lastModifiedAt |
string (date-time) |
The timestamp of resource last modification (UTC) |
| lastModifiedBy |
string |
The identity that last modified the resource. |
| lastModifiedByType |
The type of identity that last modified the resource. |
UpdateRule
Describes the action that shall be taken when the certificate is updated in Key Vault.
| Value | Description |
|---|---|
| NoAction |
UserManagedHttpsParameters
Defines the certificate source parameters using user's keyvault certificate for enabling SSL.
| Name | Type | Description |
|---|---|---|
| certificateSource |
string:
Azure |
Defines the source of the SSL certificate. |
| certificateSourceParameters |
Defines the certificate source parameters using user's keyvault certificate for enabling SSL. |
|
| minimumTlsVersion |
TLS protocol version that will be used for Https |
|
| protocolType |
Defines the TLS extension protocol that is used for secure delivery. |