Custom Domains - Enable Custom Https

Service:

CDN

API Version:

2025-04-15

Enable https delivery of the custom domain.

POST https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Cdn/profiles/{profileName}/endpoints/{endpointName}/customDomains/{customDomainName}/enableCustomHttps?api-version=2025-04-15

URI Parameters

Name	In	Required	Type	Description
customDomainName	path	True	string	Name of the custom domain within an endpoint.
endpointName	path	True	string	Name of the endpoint under the profile which is unique globally.
profileName	path	True	string	Name of the CDN profile which is unique within the resource group.
resourceGroupName	path	True	string minLength: 1 maxLength: 90	The name of the resource group. The name is case insensitive.
subscriptionId	path	True	string (uuid)	The ID of the target subscription. The value must be an UUID.
api-version	query	True	string minLength: 1	The API version to use for this operation.

Request Body

The request body can be one of the following:

Name	Description
CdnManagedHttpsParameters	Defines the certificate source parameters using CDN managed certificate for enabling SSL.
UserManagedHttpsParameters	Defines the certificate source parameters using user's keyvault certificate for enabling SSL.

CdnManagedHttpsParameters

Defines the certificate source parameters using CDN managed certificate for enabling SSL.

Name	Required	Type	Description
certificateSource	True	string: Cdn	Defines the source of the SSL certificate.
certificateSourceParameters	True	CdnCertificateSourceParameters	Defines the certificate source parameters using CDN managed certificate for enabling SSL.
protocolType	True	ProtocolType	Defines the TLS extension protocol that is used for secure delivery.
minimumTlsVersion		MinimumTlsVersion	TLS protocol version that will be used for Https

UserManagedHttpsParameters

Defines the certificate source parameters using user's keyvault certificate for enabling SSL.

Name	Required	Type	Description
certificateSource	True	string: AzureKeyVault	Defines the source of the SSL certificate.
certificateSourceParameters	True	KeyVaultCertificateSourceParameters	Defines the certificate source parameters using user's keyvault certificate for enabling SSL.
protocolType	True	ProtocolType	Defines the TLS extension protocol that is used for secure delivery.
minimumTlsVersion		MinimumTlsVersion	TLS protocol version that will be used for Https

Responses

Name	Type	Description
200 OK	CustomDomain	OK. The request has succeeded.
202 Accepted	CustomDomain	Accepted and the operation will complete asynchronously. Headers location: string
Other Status Codes	ErrorResponse	CDN error response describing why the operation failed.

Security

azure_auth

Azure Active Directory OAuth2 Flow.

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name	Description
user_impersonation	impersonate your user account

Examples

CustomDomains_EnableCustomHttpsUsingCDNManagedCertificate

CustomDomains_EnableCustomHttpsUsingYourOwnCertificate

CustomDomains_EnableCustomHttpsUsingCDNManagedCertificate

Sample request

HTTP

POST https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/RG/providers/Microsoft.Cdn/profiles/profile1/endpoints/endpoint1/customDomains/www-someDomain-net/enableCustomHttps?api-version=2025-04-15

dotnet

using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Cdn.Models;
using Azure.ResourceManager.Cdn;

// Generated from example definition: specification/cdn/resource-manager/Microsoft.Cdn/stable/2025-04-15/examples/CustomDomains_EnableCustomHttpsUsingCDNManagedCertificate.json
// this example is just showing the usage of "CdnCustomDomains_EnableCustomHttps" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this CdnCustomDomainResource created on azure
// for more information of creating CdnCustomDomainResource, please refer to the document of CdnCustomDomainResource
string subscriptionId = "subid";
string resourceGroupName = "RG";
string profileName = "profile1";
string endpointName = "endpoint1";
string customDomainName = "www-someDomain-net";
ResourceIdentifier cdnCustomDomainResourceId = CdnCustomDomainResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, profileName, endpointName, customDomainName);
CdnCustomDomainResource cdnCustomDomain = client.GetCdnCustomDomainResource(cdnCustomDomainResourceId);

// invoke the operation
ArmOperation<CdnCustomDomainResource> lro = await cdnCustomDomain.EnableCustomHttpsAsync(WaitUntil.Completed);
CdnCustomDomainResource result = lro.Value;

// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
CdnCustomDomainData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample response

Status code:

200

{
  "name": "www-someDomain-net",
  "id": "/subscriptions/subid/resourcegroups/RG/providers/Microsoft.Cdn/profiles/profile1/endpoints/endpoint1/customdomains/www-someDomain-net",
  "type": "Microsoft.Cdn/profiles/endpoints/customdomains",
  "properties": {
    "provisioningState": "Succeeded",
    "resourceState": "Active",
    "hostName": "www.someDomain.net",
    "customHttpsProvisioningState": "Enabled",
    "customHttpsProvisioningSubstate": "CertificateDeployed",
    "validationData": "validationdata"
  }
}

Status code:

202

azure-asyncoperation: https://management.azure.com/subscriptions/subid/resourcegroups/resourceGroupName/providers/Microsoft.Cdn/operationresults/operationId?api-version=2025-04-15

{
  "name": "www-someDomain-net",
  "id": "/subscriptions/subid/resourcegroups/RG/providers/Microsoft.Cdn/profiles/profile1/endpoints/endpoint1/customdomains/www-someDomain-net",
  "type": "Microsoft.Cdn/profiles/endpoints/customdomains",
  "properties": {
    "provisioningState": "Succeeded",
    "resourceState": "Active",
    "hostName": "www.someDomain.net",
    "customHttpsProvisioningState": "Enabling",
    "customHttpsProvisioningSubstate": "PendingDomainControlValidationREquestApproval",
    "validationData": "validationdata"
  }
}

CustomDomains_EnableCustomHttpsUsingYourOwnCertificate

Sample request

HTTP

POST https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/RG/providers/Microsoft.Cdn/profiles/profile1/endpoints/endpoint1/customDomains/www-someDomain-net/enableCustomHttps?api-version=2025-04-15

dotnet

using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Cdn.Models;
using Azure.ResourceManager.Cdn;

// Generated from example definition: specification/cdn/resource-manager/Microsoft.Cdn/stable/2025-04-15/examples/CustomDomains_EnableCustomHttpsUsingBYOC.json
// this example is just showing the usage of "CdnCustomDomains_EnableCustomHttps" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this CdnCustomDomainResource created on azure
// for more information of creating CdnCustomDomainResource, please refer to the document of CdnCustomDomainResource
string subscriptionId = "subid";
string resourceGroupName = "RG";
string profileName = "profile1";
string endpointName = "endpoint1";
string customDomainName = "www-someDomain-net";
ResourceIdentifier cdnCustomDomainResourceId = CdnCustomDomainResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, profileName, endpointName, customDomainName);
CdnCustomDomainResource cdnCustomDomain = client.GetCdnCustomDomainResource(cdnCustomDomainResourceId);

// invoke the operation
ArmOperation<CdnCustomDomainResource> lro = await cdnCustomDomain.EnableCustomHttpsAsync(WaitUntil.Completed);
CdnCustomDomainResource result = lro.Value;

// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
CdnCustomDomainData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample response

Status code:

200

{
  "name": "www-someDomain-net",
  "id": "/subscriptions/subid/resourcegroups/RG/providers/Microsoft.Cdn/profiles/profile1/endpoints/endpoint1/customdomains/www-someDomain-net",
  "type": "Microsoft.Cdn/profiles/endpoints/customdomains",
  "properties": {
    "provisioningState": "Succeeded",
    "resourceState": "Active",
    "hostName": "www.someDomain.net",
    "customHttpsProvisioningState": "Enabled",
    "customHttpsProvisioningSubstate": "CertificateDeployed",
    "validationData": "validationdata"
  }
}

Status code:

202

azure-asyncoperation: https://management.azure.com/subscriptions/subid/resourcegroups/resourceGroupName/providers/Microsoft.Cdn/operationresults/operationId?api-version=2025-04-15

{
  "name": "www-someDomain-net",
  "id": "/subscriptions/subid/resourcegroups/RG/providers/Microsoft.Cdn/profiles/profile1/endpoints/endpoint1/customdomains/www-someDomain-net",
  "type": "Microsoft.Cdn/profiles/endpoints/customdomains",
  "properties": {
    "provisioningState": "Succeeded",
    "resourceState": "Active",
    "hostName": "www.someDomain.net",
    "customHttpsProvisioningState": "Enabling",
    "customHttpsProvisioningSubstate": "PendingDomainControlValidationREquestApproval",
    "validationData": "validationdata"
  }
}

Definitions

Name	Description
CdnCertificateSourceParameters	Defines the parameters for using CDN managed certificate for securing custom domain.
CdnManagedHttpsParameters	Defines the certificate source parameters using CDN managed certificate for enabling SSL.
CertificateType	Type of certificate used
createdByType	The type of identity that created the resource.
CustomDomain	Friendly domain name mapping to the endpoint hostname that the customer provides for branding purposes, e.g. www.contoso.com.
CustomDomainResourceState	Resource status of the custom domain.
CustomHttpsProvisioningState	Provisioning status of the custom domain.
CustomHttpsProvisioningSubstate	Provisioning substate shows the progress of custom HTTPS enabling/disabling process step by step.
DeleteRule	Describes the action that shall be taken when the certificate is removed from Key Vault.
ErrorAdditionalInfo	The resource management error additional info.
ErrorDetail	The error detail.
ErrorResponse	Error response
KeyVaultCertificateSourceParameters	Describes the parameters for using a user's KeyVault certificate for securing custom domain.
MinimumTlsVersion	TLS protocol version that will be used for Https
ProtocolType	Defines the TLS extension protocol that is used for secure delivery.
systemData	Metadata pertaining to creation and last modification of the resource.
UpdateRule	Describes the action that shall be taken when the certificate is updated in Key Vault.
UserManagedHttpsParameters	Defines the certificate source parameters using user's keyvault certificate for enabling SSL.

CdnCertificateSourceParameters

Object

Defines the parameters for using CDN managed certificate for securing custom domain.

Name	Type	Description
certificateType	CertificateType	Type of certificate used
typeName	string: CdnCertificateSourceParameters

CdnManagedHttpsParameters

Object

Defines the certificate source parameters using CDN managed certificate for enabling SSL.

Name	Type	Description
certificateSource	string: Cdn	Defines the source of the SSL certificate.
certificateSourceParameters	CdnCertificateSourceParameters	Defines the certificate source parameters using CDN managed certificate for enabling SSL.
minimumTlsVersion	MinimumTlsVersion	TLS protocol version that will be used for Https
protocolType	ProtocolType	Defines the TLS extension protocol that is used for secure delivery.

CertificateType

Enumeration

Type of certificate used

Value	Description
Shared
Dedicated

createdByType

Enumeration

The type of identity that created the resource.

Value	Description
User
Application
ManagedIdentity
Key

CustomDomain

Object

Friendly domain name mapping to the endpoint hostname that the customer provides for branding purposes, e.g. www.contoso.com.

Name	Type	Description
id	string (arm-id)	Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
name	string	The name of the resource
properties.customHttpsParameters	CustomDomainHttpsParameters: CdnManagedHttpsParameters UserManagedHttpsParameters	Certificate parameters for securing custom HTTPS
properties.customHttpsProvisioningState	CustomHttpsProvisioningState	Provisioning status of the custom domain.
properties.customHttpsProvisioningSubstate	CustomHttpsProvisioningSubstate	Provisioning substate shows the progress of custom HTTPS enabling/disabling process step by step.
properties.hostName	string	The host name of the custom domain. Must be a domain name.
properties.provisioningState	CustomHttpsProvisioningState	Provisioning status of Custom Https of the custom domain.
properties.resourceState	CustomDomainResourceState	Resource status of the custom domain.
properties.validationData	string	Special validation or data may be required when delivering CDN to some regions due to local compliance reasons. E.g. ICP license number of a custom domain is required to deliver content in China.
systemData	systemData	Azure Resource Manager metadata containing createdBy and modifiedBy information.
type	string	The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"

CustomDomainResourceState

Enumeration

Resource status of the custom domain.

Value	Description
Creating
Active
Deleting

CustomHttpsProvisioningState

Enumeration

Provisioning status of the custom domain.

Value	Description
Enabling
Enabled
Disabling
Disabled
Failed

CustomHttpsProvisioningSubstate

Enumeration

Provisioning substate shows the progress of custom HTTPS enabling/disabling process step by step.

Value	Description
SubmittingDomainControlValidationRequest
PendingDomainControlValidationREquestApproval
DomainControlValidationRequestApproved
DomainControlValidationRequestRejected
DomainControlValidationRequestTimedOut
IssuingCertificate
DeployingCertificate
CertificateDeployed
DeletingCertificate
CertificateDeleted

DeleteRule

Enumeration

Describes the action that shall be taken when the certificate is removed from Key Vault.

Value	Description
NoAction

ErrorAdditionalInfo

Object

The resource management error additional info.

Name	Type	Description
info	object	The additional info.
type	string	The additional info type.

ErrorDetail

Object

The error detail.

Name	Type	Description
additionalInfo	ErrorAdditionalInfo[]	The error additional info.
code	string	The error code.
details	ErrorDetail[]	The error details.
message	string	The error message.
target	string	The error target.

ErrorResponse

Object

Error response

Name	Type	Description
error	ErrorDetail	The error object.

KeyVaultCertificateSourceParameters

Object

Describes the parameters for using a user's KeyVault certificate for securing custom domain.

Name	Type	Description
deleteRule	DeleteRule	Describes the action that shall be taken when the certificate is removed from Key Vault.
resourceGroupName	string	Resource group of the user's Key Vault containing the SSL certificate
secretName	string	The name of Key Vault Secret (representing the full certificate PFX) in Key Vault.
secretVersion	string	The version(GUID) of Key Vault Secret in Key Vault.
subscriptionId	string	Subscription Id of the user's Key Vault containing the SSL certificate
typeName	string: KeyVaultCertificateSourceParameters
updateRule	UpdateRule	Describes the action that shall be taken when the certificate is updated in Key Vault.
vaultName	string	The name of the user's Key Vault containing the SSL certificate

MinimumTlsVersion

Enumeration

TLS protocol version that will be used for Https

Value	Description
None
TLS10
TLS12

ProtocolType

Enumeration

Defines the TLS extension protocol that is used for secure delivery.

Value	Description
ServerNameIndication
IPBased

systemData

Object

Metadata pertaining to creation and last modification of the resource.

Name	Type	Description
createdAt	string (date-time)	The timestamp of resource creation (UTC).
createdBy	string	The identity that created the resource.
createdByType	createdByType	The type of identity that created the resource.
lastModifiedAt	string (date-time)	The timestamp of resource last modification (UTC)
lastModifiedBy	string	The identity that last modified the resource.
lastModifiedByType	createdByType	The type of identity that last modified the resource.

UpdateRule

Enumeration

Describes the action that shall be taken when the certificate is updated in Key Vault.

Value	Description
NoAction

UserManagedHttpsParameters

Object

Defines the certificate source parameters using user's keyvault certificate for enabling SSL.

Name	Type	Description
certificateSource	string: AzureKeyVault	Defines the source of the SSL certificate.
certificateSourceParameters	KeyVaultCertificateSourceParameters	Defines the certificate source parameters using user's keyvault certificate for enabling SSL.
minimumTlsVersion	MinimumTlsVersion	TLS protocol version that will be used for Https
protocolType	ProtocolType	Defines the TLS extension protocol that is used for secure delivery.