Add custom domain and custom certificate with Front Door
This template creates a Front Door configuration with a single backend, onboards a custom domain, and then secures the custom domain with a customer-managed certificate.
Parameters for this template are:
frontDoorName- Name of the Front Door (for example,contoso).customDomainName- Host name of the custom domain (for example,contoso.comorwww.contoso.com).certificateKeyVaultResourceId- The fully qualified resource ID of the Key Vault that contains the custom domain's certificate.certificateKeyVaultSecretName- The name of the Key Vault secret that contains the custom domain's certificate.certificateKeyVaultSecretVersion- The version of the Key Vault secret that contains the custom domain's certificate.backendAddress- Host name of the backend (for example,contoso-backend.azurewebsites.net).
For the deployment of this template to succeed the specified custom domain will require a CNAME to the Front Door's default frontend host (for example, contoso.azurefd.net).
For example, for a Front Door instance named contoso, the default frontend host name would be contoso.azurefd.net. To add the custom domain www.contoso.com, create a DNS CNAME entry for www.contoso.com to contoso.azurefd.net. For more details, see Tutorial: Add a custom domain to your Front Door.
You also need to configure your Key Vault instance to work with Front Door. See Prepare your Azure Key vault account and certificate.
Tags: Microsoft.Network/frontDoors, Microsoft.Network/frontdoors/frontendEndpoints/customHttpsConfiguration