Add custom domain and custom certificate with Front Door
This template creates a Front Door configuration with a single backend, onboards a custom domain, and then secures the custom domain with a customer-managed certificate.
Parameters for this template are:
frontDoorName
- Name of the Front Door (for example,contoso
).customDomainName
- Host name of the custom domain (for example,contoso.com
orwww.contoso.com
).certificateKeyVaultResourceId
- The fully qualified resource ID of the Key Vault that contains the custom domain's certificate.certificateKeyVaultSecretName
- The name of the Key Vault secret that contains the custom domain's certificate.certificateKeyVaultSecretVersion
- The version of the Key Vault secret that contains the custom domain's certificate.backendAddress
- Host name of the backend (for example,contoso-backend.azurewebsites.net
).
For the deployment of this template to succeed the specified custom domain will require a CNAME to the Front Door's default frontend host (for example, contoso.azurefd.net
).
For example, for a Front Door instance named contoso
, the default frontend host name would be contoso.azurefd.net
. To add the custom domain www.contoso.com
, create a DNS CNAME entry for www.contoso.com
to contoso.azurefd.net
. For more details, see Tutorial: Add a custom domain to your Front Door.
You also need to configure your Key Vault instance to work with Front Door. See Prepare your Azure Key vault account and certificate.
Tags: Microsoft.Network/frontDoors, Microsoft.Network/frontdoors/frontendEndpoints/customHttpsConfiguration