My Journey of Setting Up a Custom Domain for Azure CDN Endpoint

This is the journey of my attempt to set up the domain www.ashcaptures.com for an Azure CDN endpoint.

Here’s the process:

1. We start by going to the "Front Door and CDN" option on the left-hand side of the Azure portal.

   

2. We create a new endpoint for our storage. We select the Azure CDN as service type.

   

3. After the endpoint is created, we can find the option to add a custom domain inside the endpoint.

   

4. When we click on it, the "Add a custom domain" pane appears on the right-hand side.

   

5. If we try adding a root domain like “ashcaptures.com,” we’re prompted to create a CNAME record with our DNS provider that points to the given hostname.

   

6. Let’s try adding that to domain settings.

   

7. But what if we have tried the same process for www.ashcaptures.com?

   The record gets created without any error and in domain verification also www.ashcaptures.com is verified NOT ashcaptures.com.

   

   

   

8. So does that mean we can’t add root domain as custom domain ? No,we can add the root domain using the trick. The trick is add “cdnverify.” in the CNAME record’s “Host” and “Answer” then the CNAME record will be created without any error and then even the root domain will get verified NOT the www.ashcaptures.com

   

   

   

9. Add the root domain as custom domain by clicking on the “Add” button. We get following notification once it gets addes.

   

10. If we try to open ashcaptures.com , we get DNS error. To resolve this, we have to enter the “Custom domains” section which comes up at lower part of the same dashboard, and enable Custom HTTPS.

    

    

11. The sad news is, THE TRICK DOESN’T WORK ANYMORE when we try to save the settings for the custom domain’s HTTPS as On, we get this error:

    

12. So, let’s delete the ashcaptures.com from custom domains, and add www.ashcaptures.com as custom domain. For that remember that we have to first make changes in the domain settings for CNAME as www.ashcaptures.com. Once custom domain is created, we will enable custom HTTPS for the www.ashcaptures.com. Once the request is submitted from our side for enabling custom HTTPS, it will go in Enabling state and will take around and hour to get enabled.

    

13. Even when it gets enabled, if we try to access www.ashcaptures.com, we get following error in the web browser:

and when trying to access ashcaptures.com, we get following message in chrome (we kept a note of this to understand what is our situation at this stage)

14. Why even the www. version is not working? maybe the origin to which this endpoint is pointing to is wrong, to confirm this we tried to open the origin hostname url, and even that was giving same error that we had got when trying to open www.ashcaptures.com.

    So our next step is to change the origin hostname, for that we click on the “Origin” under “Settings” in left hand pane.

15. Inside the “Origin” section, click on the “Name” column entry which is in blue, that will open a form in right hand side.

16. Change the “Origin type” from “Storage” to “Custom origin”.

    Get the static website endpoint url (this url should open your static site) from the static website’s storage account and paste it in the “Origin host header” field. But as you paste even the working url , you will get this error:

    

    17. To resolve this error, remove “https://” from start of url as well as “/” from end of the url, and the error will be gone. Now save the changes by clicking on the blue Save button at bottom of this form.

        

    18. After few minutes, the changes will be saved and then on testing in browser, www.ashcaptures.com works !!! but not ashcaptures.com.

        To make the root domain work, we have to go into the domain DNS settings, and create a new ALIAS record with “Host” as blank and “Answer/Value” as the azure cdn enpoint url which was the same url set for the www.ashcaptures.com in the CNAME records. If we try to add https://www.ashcaptures.com in answer field or http://www.ashcaptures.com, we will get error. If we try to add only ashcaptures.com in the “answer” field, we will not get any error, but on trying to open ashcaptures.com, we will get redirected to only the unsecured version of the site. This is how the records look in the domain records:

        

    19. As the root domain is not recognized by the azure backend, we will get error. To make sure this root domain is recognized, go into the azure endpoint and add anohter custom domain “ashcaptures.com”. Refer to step 5 to recollect how to verify the root domain using CNAME trick in DNS settings. Once that is done, if you try to open ashcaptures.com , the http version of your static stite will open.

        

    20. To make sure that when we try to open “ashcaptures.com” , the secure version of the site is opened, we have to create a rule in the endpoint that whenver it recieves a request to open “http://ashcaptures.com”, it has to redirect it to HTTPS version of www.ashcaptures.com.
        To create this rule, go inside the endpoint, and click on the “Rules engine” in the left hand side pane. Give your rule a name, create the condition by clicking on “+Add condition” then “Operator” as “Equals”, “Request URL” as “http://ashcaptures.com” and “Case transform” as “No transform”. Create action by clicking on “+Add action” then “Type” as “Permanent Redirect (308)”, “Protocol” as “HTTPS” and “Hostname” as “www.ashcaptures.com”. Leave “Path”, “Query string” and “Fragment” as blank. Save button is at top left corner.

        

    21. After doing all this, when you try to open the ashcaptures.com , the first time it will ask for “Continue to HTTP site” in your browser, but on continuing the https version will open up in browser, and from next time , even if you have closed the browser, the https site will automatically open if you try to open ashcaptures.com.