We have a static website running from an Azure storage account, using Azure CDN to deliver with a custom domain name and HTTPS. (https://www.alvarnet.com) We need the root custom domain (alvarnet.com) to also be resolvable.
It wasn’t clear in online documentation how to add the root domain to an Azure CDN endpoint, or if it was even possible yet – sub-domains only for CDN endpoints seem to be the standard. In fact, CDN Allow Root Domain for Custom Domains is an Azure ‘feature request’ that has been under review for over a year!
- I created a new CDN endpoint but the CNAME of the root domain name wasn’t recognized
- Our DNS provider, EasyDNS, allows for CNAME/Alias records of root domains – but mapping the root domain as a Custom hostname to the alvarnet.azureedge.net CDN endpoint still wouldn’t work. The error message when trying to ‘Add a custom domain‘ basically said it didn’t recognize the CNAME mapping between the root domain and the CDN endpoint.
Successful Work Around:
Finally, thanks to a response from “theanatoki’ on the Azure Forums, we have successfully added the root domain as a Custom hostname in Azure CDN!
A relatively straightforward way to get around this is to verify the domain using the temporary mapping feature, cdnverify.
Set up a CNAME “cdnverify.<yourdomain>” to “cdnverify.<endpoint>.azureedge.net”. Once all is verified and set up (including SSL provisioning if desired), delete the CNAME and use ANAME for the root record.
I had used this cdnverify process to initially verify and setup the www.site! It was a straight forward process and after waiting the 6-8 hours for the SSL to be complete – the https and SSL certificate was working. In hindsight, this is the obvious solution for also being able to get the root domain working on the Azure CDN too!!
Steps to setting up root domain on Azure CDN endpoint:
- Create CNAME record in DNS provider using the cdnverifty. prefix
2. Add the Custom Root domain to the CDN endpoint (I put the root domain on the same endpoint as the www domain. One Azure CDN endpoint can serve multiple subdomains according to the documentation)
3. The Root domain is listed as one of the Custom Domains for the endpoint – and now just has to have HTTPS enabled:
4. Enable the HTTPS feature and wait for the HTTPS feature with an SSL certificate to be processed – between 6-8 hours.
5.Final step is to force the root domain to resolve to the www site, add an HTTP URL Redirect Rule to the CDN Profile Rule Engine. This is an optional step if you don’t mind having the root domain live – the existing HTTP Rules will assure that http is forced to https, only https can be used for security, and the landing page is exposed without being in the URL.
- Read here how to access and use the Rule Engine
- Rule #2 Redirect Root to www
- HTTPS is forced by Rule #1 and #3
- Rule #4 delivers landing page without having to type into the URL
http://alvarnet.com quickly resolves to https://www.alvarnet.com
Another option to force the root domain to resolve only to the www subdomain, is to use URL Forwarding in your DNS Provider – which is what I did until I added the HTTP Rule. 🙂