Enable-AzFrontDoorCustomDomainHttps
Enable HTTPS for a custom domain using Front Door managed certificate or using own certificate from Azure Key Vault.
Syntax
ByFieldsParameterSet (Default)
Enable-AzFrontDoorCustomDomainHttps
-ResourceGroupName <String>
-FrontDoorName <String>
-FrontendEndpointName <String>
[-MinimumTlsVersion <String>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
ByFieldsWithVaultParameterSet
Enable-AzFrontDoorCustomDomainHttps
-ResourceGroupName <String>
-FrontDoorName <String>
-FrontendEndpointName <String>
-VaultId <String>
-SecretName <String>
[-SecretVersion <String>]
[-MinimumTlsVersion <String>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
ByResourceIdParameterSet
Enable-AzFrontDoorCustomDomainHttps
-ResourceId <String>
[-MinimumTlsVersion <String>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
ByResourceIdWithVaultParameterSet
Enable-AzFrontDoorCustomDomainHttps
-ResourceId <String>
-VaultId <String>
-SecretName <String>
[-SecretVersion <String>]
[-MinimumTlsVersion <String>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
ByObjectParameterSet
Enable-AzFrontDoorCustomDomainHttps
-InputObject <PSFrontendEndpoint>
[-MinimumTlsVersion <String>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
ByObjectWithVaultParameterSet
Enable-AzFrontDoorCustomDomainHttps
-InputObject <PSFrontendEndpoint>
-VaultId <String>
-SecretName <String>
[-SecretVersion <String>]
[-MinimumTlsVersion <String>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
The Enable-AzFrontDoorCustomDomainHttps enables HTTPS for a custom domain.
Examples
Example 1: Enable HTTPS for a custom domain with FrontDoorName and ResourceGroupName using Front Door managed certificate.
Enable-AzFrontDoorCustomDomainHttps -ResourceGroupName "resourcegroup1" -FrontDoorName "frontdoor1" -FrontendEndpointName "frontendpointname1-custom-xyz" -MinimumTlsVersion "1.2"
HostName : frontendpointname1.custom.xyz
SessionAffinityEnabledState : Disabled
SessionAffinityTtlSeconds : 0
WebApplicationFirewallPolicyLink :
Backends :
CustomHttpsProvisioningState : Enabling
CustomHttpsProvisioningSubstate : SubmittingDomainControlValidationRequest
CertificateSource : FrontDoor
ProtocolType : ServerNameIndication
MinimumTlsVersion : 1.2
Vault :
SecretName :
SecretVersion :
CertificateType :
ResourceState : Enabled
Id : /subscriptions/{guid}/resourcegroups/resourcegroup1
/providers/Microsoft.Network/frontdoors/frontdoor1/frontendendpoints/frontendpointname1-custom-xyz
Name : frontendpointname1-custom-xyz
Type : Microsoft.Network/frontdoors/frontendendpoints
Enable HTTPS for a custom domain "frontendpointname1-custom-xyz" that is part of Front Door "frontdoor1" in resource group "resourcegroup1" using Front Door managed certificate.
Example 2: Enable HTTPS for a custom domain with FrontDoorName and ResourceGroupName using customer's own certificate in Key Vault with the specific version.
$vaultId = (Get-AzKeyVault -VaultName $vaultName).ResourceId
Enable-AzFrontDoorCustomDomainHttps -ResourceGroupName "resourcegroup1" -FrontDoorName "frontdoor1" -FrontendEndpointName "frontendpointname1-custom-xyz" -VaultId $vaultId -secretName $secretName -SecretVersion $secretVersion -MinimumTlsVersion "1.0"
HostName : frontendpointname1.custom.xyz
SessionAffinityEnabledState : Disabled
SessionAffinityTtlSeconds : 0
WebApplicationFirewallPolicyLink :
Backends :
CustomHttpsProvisioningState : Enabling
CustomHttpsProvisioningSubstate : SubmittingDomainControlValidationRequest
CertificateSource : AzureKeyVault
ProtocolType : ServerNameIndication
MinimumTlsVersion : 1.0
Vault :
SecretName :
SecretVersion :
CertificateType :
ResourceState : Enabled
Id : /subscriptions/{guid}/resourcegroups/resourcegroup1
/providers/Microsoft.Network/frontdoors/frontdoor1/frontendendpoints/frontendpointname1-custom-xyz
Name : frontendpointname1-custom-xyz
Type : Microsoft.Network/frontdoors/frontendendpoints
Enable HTTPS for a custom domain "frontendpointname1-custom-xyz" that is part of Front Door "frontdoor1" in resource group "resourcegroup1" using customer's own certificate in Key Vault with the specific version.
Example 3: Enable HTTPS for a custom domain with PSFrontendEndpoint object using Front Door managed certificate.
Get-AzFrontDoorFrontendEndpoint -ResourceGroupName "resourcegroup1" -FrontDoorName "frontdoor1" -Name "frontendpointname1-custom-xyz" | Enable-AzFrontDoorCustomDomainHttps
HostName : frontendpointname1.custom.xyz
SessionAffinityEnabledState : Disabled
SessionAffinityTtlSeconds : 0
WebApplicationFirewallPolicyLink :
Backends :
CustomHttpsProvisioningState : Enabling
CustomHttpsProvisioningSubstate : SubmittingDomainControlValidationRequest
CertificateSource : FrontDoor
ProtocolType : ServerNameIndication
MinimumTlsVersion : 1.2
Vault :
SecretName :
SecretVersion :
CertificateType :
ResourceState : Enabled
Id : /subscriptions/{guid}/resourcegroups/resourcegroup1
/providers/Microsoft.Network/frontdoors/frontdoor1/frontendendpoints/frontendpointname1-custom-xyz
Name : frontendpointname1-custom-xyz
Type : Microsoft.Network/frontdoors/frontendendpoints
Enable HTTPS for a custom domain with PSFrontendEndpoint object using Front Door managed certificate.
Example 4: Enable HTTPS for a custom domain with resource id using Front Door managed certificate.
Enable-AzFrontDoorCustomDomainHttps -ResourceId $resourceId
HostName : frontendpointname1.custom.xyz
SessionAffinityEnabledState : Disabled
SessionAffinityTtlSeconds : 0
WebApplicationFirewallPolicyLink :
Backends :
CustomHttpsProvisioningState : Enabling
CustomHttpsProvisioningSubstate : SubmittingDomainControlValidationRequest
CertificateSource : FrontDoor
ProtocolType : ServerNameIndication
MinimumTlsVersion : 1.2
Vault :
SecretName :
SecretVersion :
CertificateType :
ResourceState : Enabled
Id : /subscriptions/{guid}/resourcegroups/resourcegroup1
/providers/Microsoft.Network/frontdoors/frontdoor1/frontendendpoints/frontendpointname1-custom-xyz
Name : frontendpointname1-custom-xyz
Type : Microsoft.Network/frontdoors/frontendendpoints
Enable HTTPS for a custom domain "frontendpointname1-custom-xyz" with resource id $resourceId using Front Door managed certificate.
Example 5: Enable HTTPS for a custom domain with FrontDoorName and ResourceGroupName using customer's own certificate in Key Vault with the latest version to enable certificate auto-rotation.
$vaultId = (Get-AzKeyVault -VaultName $vaultName).ResourceId
Enable-AzFrontDoorCustomDomainHttps -ResourceGroupName "resourcegroup1" -FrontDoorName "frontdoor1" -FrontendEndpointName "frontendpointname1-custom-xyz" -VaultId $vaultId -secretName $secretName -MinimumTlsVersion "1.0"
HostName : frontendpointname1.custom.xyz
SessionAffinityEnabledState : Disabled
SessionAffinityTtlSeconds : 0
WebApplicationFirewallPolicyLink :
Backends :
CustomHttpsProvisioningState : Enabling
CustomHttpsProvisioningSubstate : SubmittingDomainControlValidationRequest
CertificateSource : AzureKeyVault
ProtocolType : ServerNameIndication
MinimumTlsVersion : 1.0
Vault :
SecretName :
SecretVersion :
CertificateType :
ResourceState : Enabled
Id : /subscriptions/{guid}/resourcegroups/resourcegroup1
/providers/Microsoft.Network/frontdoors/frontdoor1/frontendendpoints/frontendpointname1-custom-xyz
Name : frontendpointname1-custom-xyz
Type : Microsoft.Network/frontdoors/frontendendpoints
Enable HTTPS for a custom domain "frontendpointname1-custom-xyz" that is part of Front Door "frontdoor1" in resource group "resourcegroup1" using customer's own certificate in Key Vault with the latest version to enable certificate auto-rotation.
Parameters
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False Aliases: cf
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
Parameter properties
Type: IAzureContextContainer
Default value: None Supports wildcards: False DontShow: False Aliases: AzContext, AzureRmContext, AzureCredential
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-FrontDoorName
The name of the Front Door.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
ByFieldsParameterSet
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
ByFieldsWithVaultParameterSet
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-FrontendEndpointName
Frontend endpoint name.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
ByFieldsParameterSet
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
ByFieldsWithVaultParameterSet
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
The Frontend endpoint object to update.
ByObjectParameterSet
Position: Named Mandatory: True Value from pipeline: True Value from pipeline by property name: False Value from remaining arguments: False
ByObjectWithVaultParameterSet
Position: Named Mandatory: True Value from pipeline: True Value from pipeline by property name: False Value from remaining arguments: False
-MinimumTlsVersion
The minimum TLS version required from the clients to establish an SSL handshake with Front Door.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-ResourceGroupName
The resource group to which the Front Door belongs.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
ByFieldsParameterSet
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
ByFieldsWithVaultParameterSet
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-ResourceId
Resource Id of the Front Door endpoint to enable https
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
ByResourceIdParameterSet
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: True Value from remaining arguments: False
ByResourceIdWithVaultParameterSet
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: True Value from remaining arguments: False
-SecretName
The name of the Key Vault secret representing the full certificate PFX
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
ByFieldsWithVaultParameterSet
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
ByResourceIdWithVaultParameterSet
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
ByObjectWithVaultParameterSet
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-SecretVersion
The version of the Key Vault secret representing the full certificate PFX.
If not specified, the 'Latest' version will always been used and the deployed certificate will be automatically rotated to the latest version when a newer version of the certificate is available.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
ByFieldsWithVaultParameterSet
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
ByResourceIdWithVaultParameterSet
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
ByObjectWithVaultParameterSet
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-VaultId
The Key Vault id containing the SSL certificate
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
ByFieldsWithVaultParameterSet
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
ByResourceIdWithVaultParameterSet
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
ByObjectWithVaultParameterSet
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False Aliases: wi
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable,
-InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable,
-ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see
about_CommonParameters .
Outputs
