Enable-AzFrontDoorCustomDomainHttps
Enable HTTPS for a custom domain using Front Door managed certificate or using own certificate from Azure Key Vault.
Syntax
Enable-AzFrontDoorCustomDomainHttps
-ResourceGroupName <String>
-FrontDoorName <String>
-FrontendEndpointName <String>
[-MinimumTlsVersion <String>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Enable-AzFrontDoorCustomDomainHttps
-ResourceGroupName <String>
-FrontDoorName <String>
-FrontendEndpointName <String>
-VaultId <String>
-SecretName <String>
[-SecretVersion <String>]
[-MinimumTlsVersion <String>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Enable-AzFrontDoorCustomDomainHttps
-ResourceId <String>
[-MinimumTlsVersion <String>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Enable-AzFrontDoorCustomDomainHttps
-ResourceId <String>
-VaultId <String>
-SecretName <String>
[-SecretVersion <String>]
[-MinimumTlsVersion <String>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Enable-AzFrontDoorCustomDomainHttps
-InputObject <PSFrontendEndpoint>
[-MinimumTlsVersion <String>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Enable-AzFrontDoorCustomDomainHttps
-InputObject <PSFrontendEndpoint>
-VaultId <String>
-SecretName <String>
[-SecretVersion <String>]
[-MinimumTlsVersion <String>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
The Enable-AzFrontDoorCustomDomainHttps enables HTTPS for a custom domain.
Examples
Example 1: Enable HTTPS for a custom domain with FrontDoorName and ResourceGroupName using Front Door managed certificate.
Enable-AzFrontDoorCustomDomainHttps -ResourceGroupName "resourcegroup1" -FrontDoorName "frontdoor1" -FrontendEndpointName "frontendpointname1-custom-xyz" -MinimumTlsVersion "1.2"
HostName : frontendpointname1.custom.xyz
SessionAffinityEnabledState : Disabled
SessionAffinityTtlSeconds : 0
WebApplicationFirewallPolicyLink :
Backends :
CustomHttpsProvisioningState : Enabling
CustomHttpsProvisioningSubstate : SubmittingDomainControlValidationRequest
CertificateSource : FrontDoor
ProtocolType : ServerNameIndication
MinimumTlsVersion : 1.2
Vault :
SecretName :
SecretVersion :
CertificateType :
ResourceState : Enabled
Id : /subscriptions/{guid}/resourcegroups/resourcegroup1
/providers/Microsoft.Network/frontdoors/frontdoor1/frontendendpoints/frontendpointname1-custom-xyz
Name : frontendpointname1-custom-xyz
Type : Microsoft.Network/frontdoors/frontendendpointsEnable HTTPS for a custom domain "frontendpointname1-custom-xyz" that is part of Front Door "frontdoor1" in resource group "resourcegroup1" using Front Door managed certificate.
Example 2: Enable HTTPS for a custom domain with FrontDoorName and ResourceGroupName using customer's own certificate in Key Vault with the specific version.
$vaultId = (Get-AzKeyVault -VaultName $vaultName).ResourceId
Enable-AzFrontDoorCustomDomainHttps -ResourceGroupName "resourcegroup1" -FrontDoorName "frontdoor1" -FrontendEndpointName "frontendpointname1-custom-xyz" -VaultId $vaultId -secretName $secretName -SecretVersion $secretVersion -MinimumTlsVersion "1.0"
HostName : frontendpointname1.custom.xyz
SessionAffinityEnabledState : Disabled
SessionAffinityTtlSeconds : 0
WebApplicationFirewallPolicyLink :
Backends :
CustomHttpsProvisioningState : Enabling
CustomHttpsProvisioningSubstate : SubmittingDomainControlValidationRequest
CertificateSource : AzureKeyVault
ProtocolType : ServerNameIndication
MinimumTlsVersion : 1.0
Vault :
SecretName :
SecretVersion :
CertificateType :
ResourceState : Enabled
Id : /subscriptions/{guid}/resourcegroups/resourcegroup1
/providers/Microsoft.Network/frontdoors/frontdoor1/frontendendpoints/frontendpointname1-custom-xyz
Name : frontendpointname1-custom-xyz
Type : Microsoft.Network/frontdoors/frontendendpointsEnable HTTPS for a custom domain "frontendpointname1-custom-xyz" that is part of Front Door "frontdoor1" in resource group "resourcegroup1" using customer's own certificate in Key Vault with the specific version.
Example 3: Enable HTTPS for a custom domain with PSFrontendEndpoint object using Front Door managed certificate.
Get-AzFrontDoorFrontendEndpoint -ResourceGroupName "resourcegroup1" -FrontDoorName "frontdoor1" -Name "frontendpointname1-custom-xyz" | Enable-AzFrontDoorCustomDomainHttps
HostName : frontendpointname1.custom.xyz
SessionAffinityEnabledState : Disabled
SessionAffinityTtlSeconds : 0
WebApplicationFirewallPolicyLink :
Backends :
CustomHttpsProvisioningState : Enabling
CustomHttpsProvisioningSubstate : SubmittingDomainControlValidationRequest
CertificateSource : FrontDoor
ProtocolType : ServerNameIndication
MinimumTlsVersion : 1.2
Vault :
SecretName :
SecretVersion :
CertificateType :
ResourceState : Enabled
Id : /subscriptions/{guid}/resourcegroups/resourcegroup1
/providers/Microsoft.Network/frontdoors/frontdoor1/frontendendpoints/frontendpointname1-custom-xyz
Name : frontendpointname1-custom-xyz
Type : Microsoft.Network/frontdoors/frontendendpointsEnable HTTPS for a custom domain with PSFrontendEndpoint object using Front Door managed certificate.
Example 4: Enable HTTPS for a custom domain with resource id using Front Door managed certificate.
Enable-AzFrontDoorCustomDomainHttps -ResourceId $resourceId
HostName : frontendpointname1.custom.xyz
SessionAffinityEnabledState : Disabled
SessionAffinityTtlSeconds : 0
WebApplicationFirewallPolicyLink :
Backends :
CustomHttpsProvisioningState : Enabling
CustomHttpsProvisioningSubstate : SubmittingDomainControlValidationRequest
CertificateSource : FrontDoor
ProtocolType : ServerNameIndication
MinimumTlsVersion : 1.2
Vault :
SecretName :
SecretVersion :
CertificateType :
ResourceState : Enabled
Id : /subscriptions/{guid}/resourcegroups/resourcegroup1
/providers/Microsoft.Network/frontdoors/frontdoor1/frontendendpoints/frontendpointname1-custom-xyz
Name : frontendpointname1-custom-xyz
Type : Microsoft.Network/frontdoors/frontendendpointsEnable HTTPS for a custom domain "frontendpointname1-custom-xyz" with resource id $resourceId using Front Door managed certificate.
Example 5: Enable HTTPS for a custom domain with FrontDoorName and ResourceGroupName using customer's own certificate in Key Vault with the latest version to enable certificate auto-rotation.
$vaultId = (Get-AzKeyVault -VaultName $vaultName).ResourceId
Enable-AzFrontDoorCustomDomainHttps -ResourceGroupName "resourcegroup1" -FrontDoorName "frontdoor1" -FrontendEndpointName "frontendpointname1-custom-xyz" -VaultId $vaultId -secretName $secretName -MinimumTlsVersion "1.0"
HostName : frontendpointname1.custom.xyz
SessionAffinityEnabledState : Disabled
SessionAffinityTtlSeconds : 0
WebApplicationFirewallPolicyLink :
Backends :
CustomHttpsProvisioningState : Enabling
CustomHttpsProvisioningSubstate : SubmittingDomainControlValidationRequest
CertificateSource : AzureKeyVault
ProtocolType : ServerNameIndication
MinimumTlsVersion : 1.0
Vault :
SecretName :
SecretVersion :
CertificateType :
ResourceState : Enabled
Id : /subscriptions/{guid}/resourcegroups/resourcegroup1
/providers/Microsoft.Network/frontdoors/frontdoor1/frontendendpoints/frontendpointname1-custom-xyz
Name : frontendpointname1-custom-xyz
Type : Microsoft.Network/frontdoors/frontendendpointsEnable HTTPS for a custom domain "frontendpointname1-custom-xyz" that is part of Front Door "frontdoor1" in resource group "resourcegroup1" using customer's own certificate in Key Vault with the latest version to enable certificate auto-rotation.
Parameters
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
| Type: | IAzureContextContainer |
| Aliases: | AzContext, AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-FrontDoorName
The name of the Front Door.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-FrontendEndpointName
Frontend endpoint name.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-InputObject
The Frontend endpoint object to update.
| Type: | PSFrontendEndpoint |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-MinimumTlsVersion
The minimum TLS version required from the clients to establish an SSL handshake with Front Door.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ResourceGroupName
The resource group to which the Front Door belongs.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ResourceId
Resource Id of the Front Door endpoint to enable https
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-SecretName
The name of the Key Vault secret representing the full certificate PFX
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-SecretVersion
The version of the Key Vault secret representing the full certificate PFX. If not specified, the 'Latest' version will always been used and the deployed certificate will be automatically rotated to the latest version when a newer version of the certificate is available.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-VaultId
The Key Vault id containing the SSL certificate
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |