make it possible to use SSL on blob storage using custom domains
Currently you can use SSL but you have to user the standard URL. You can create a CNAME to your storage account but most browsers complain that the traffic was rerouted and is possibly an attack. There should be a way to install a domain certificate to your containers.
You can now use the Azure CDN to access blobs with custom domains over HTTPS. See the following article for instructions on how to do so: https://docs.microsoft.com/en-us/azure/storage/storage-https-custom-domain-cdn. Having talked to a number of customers, we concluded that this solution addresses many scenarios where the need for HTTPS access to blobs with custom domains exists.
Native Azure Storage support for using SSL to access blobs at custom domains is still on our backlog. We would love to hear about your scenarios where using the Azure CDN is not an acceptable solution, either by posting on this thread or sending us an email at email@example.com.
Paulo Dias commented
We should be able to upload a certificate to the storage account the same way we do with any other resources.
There is a side effect that wasn't taken into account as well, if you're using a CDN the same problem occurs, as the CDN doesn't allow for the upload of a custom domain certificate either.
Anyway, this is taking too long to solve...
Dick van Straaten commented
This is a must have for all kind of reasons. Is there a roadmap for this?
Scott Currie commented
Any plans to do something with this?
Michael Rubin commented
This feature is definitely a big plus. Meanwhile I use CORS as a workaround to access blob from custom domain: https://msdn.microsoft.com/en-us/library/azure/dn535601.aspx
Joannes Vermorel commented
Almost 3 years... Any update?
Julie Setbon commented
any update on this ?
Any update? This is quite a basic requirement for any self respecting business site.
Tim Erwin commented
"Custom storage domain name access only works for HTTP. HTTPS access is not supported."
Tim Erwin commented
ssl on custom domains is a no brainer. ms?
Microsoft , I hope you can add this function , Azure storage blob using sustom domains .
Phil York commented
SSL is already in use on the storage accounts https://mydomain.blob.core.windows.net/
So why is it not readily available for custom domains with SSL?
We require this asap, current site is SSL and get the dreaded message in console (The page at 'https://mydomain'; was loaded over HTTPS, but displayed insecure content from 'http://myblobaccount/images/...': this content should also be loaded over HTTPS.
Microsoft, when is this going to happen?
Under review 8 months ago, can we have an update? SSL is becoming increasingly important especially for business services in the cloud.
Guy Harwood commented
Pretty shocked that this isnt possible already. My app has been using http for 2+ years and now im faced with losing all my custom image URLs, or sticking with HTTP (and hence no social login)
I am not an expert, hardly even an enthusiastic amateur, however my understanding is, to support this:
- you would need to give your private key to Azure
- or alternatively the Azure ops team would need to be able to apply for SSL cert using your top level domain
- or the Azure platform could generate a certificate using your custom domain name and clients would receive certificate warnings
- or Verisign/Thawte would need to provide the Azure team with their private key for them to generate legit certificates
If my understanding is correct, none of these options is something I would be comfortable with. Happy to be educated if there is indeed a secure way to achieve this.
Voters listen up! This entry looks like a double up of http://feedback.windowsazure.com/forums/217298-storage/suggestions/3007732-make-it-possible-to-use-ssl-on-blob-storage-using- . I suggest moving your votes to the other post (which already has double the votes of this request) so that we can get this request up the rankings.
Yes, I think this should be a good idea can have a custom ssl in Blob Storage.
I'm waiting for this solution, perhaps..
Jeroen Landheer commented
This is for one of my projects an absolute 'must', uploading certificates like we do with cloud services shouldn't be that hard to implement
Ryan Dowling commented
I'm looking for this to avoid the certificate expiration debacle of Feb 22 2013
Philippe Devaux commented
Indeed, it makes a greater coherent experience for the end user.
Hope it makes it soon.
I certainly agree with this if you are trying to do ecommerce. I am surprised that the Azure team did not see this coming considering the importance of security and user experience going on there internally