Create a Front Door with HTTP to HTTPS redirection

  1. Home
  2. Create a Front Door with HTTP to HTTPS redirection

This guide will show you how to make a front door that redirects from HTTP to HTTPS. You may construct a Front Door with a certificate for TLS termination using the Azure interface. A routing rule is used to redirect HTTP traffic to HTTPS.

Create a Front Door with an existing Web App resource

  • Sign in to the Azure portal
  • Click Create a resource found on the upper left-hand corner of the Azure portal.
  • Search for Front Door using the search bar and once you find the resource type, click Create.
  • Choose a subscription and then either use an existing resource group or create a new one. Note, the location asked in the UI is for the resource group only. Your Front Door configuration will get deployed across all of Azure Front Door’s POP locations.
  • Click Next to enter the configuration tab. The configuration for Front Door happens in three steps – adding a default frontend host, adding backends in a backend pool and then creating routing rules to map the routing behavior for frontend host.
  • Click the ‘+‘ icon on the Frontend hosts to create a frontend host, enter a globally unique name for your default frontend host for your Front Door (\<**name**\>.azurefd.net). Click Add to proceed to the next step.

Further steps

  • Click the ‘+‘ icon on the Backend pools to create a backend pool. Provide a name for the backend pool and then click ‘Add a backend‘.
  • Select the Backend Host Type as App service. Select the subscription where your web app is hosted and then select the specific web app from the dropdown for Backend host name.
  • Click Add to save the backend and click Add again to save the backend pool config.
  • Click the ‘+‘ icon on the Routing rules to create a route. Provide a name for the route, say ‘HttpToHttpsRedirect’, and then set the Accepted Protocols field to ‘HTTP only’. Ensure that the appropriate frontend host is selected.
  • On the Route Details section, set the Route Type to Redirect, ensure that the Redirect type is set to Found (302) and Redirect protocol is set to HTTPS only.
  • Click Add to save the routing rule for HTTP to HTTPS redirect.
  • Add another routing rule for handling the HTTPS traffic. Click the ‘+‘ sign on the Routing rules and provide a name for the route, say ‘DefaultForwardingRoute’, and then set the Accepted Protocols field to ‘HTTPS only’. Ensure that the appropriate frontend host is selected.
  • On the Route Details section, set the Route Type to Forward, ensure that the right backend pool is selected and the Forwarding Protocol is set to HTTPS only.
  • Click Add to save the routing rule for request forwarding.
  1. Click Review + create and then Create, to create your Front Door profile. Go to the resource once created.

Add a custom domain to your Front Door and enable HTTPS on it

The following steps showcase how you can add a custom domain on an existing Front Door resource and then enable HTTP to HTTPS redirection on it.

Add a custom domain

In this example, you add a CNAME record for the www subdomain (for example, www.contosonews.com).

Create the CNAME record

Add a CNAME record to map a subdomain to your Front Door’s default frontend host (<name>.azurefd.net, where <name> is the name of your Front Door profile).

For the www.contoso.com domain, as an example, add a CNAME record that maps the name www to <name>.azurefd.net.

Onboard the custom domain on your Front Door

  1. On the Front Door designer tab, click on ‘+’ icon on the Frontend hosts section to add a new custom domain.
  2. Enter the fully qualified custom DNS name in the custom host name field, example www.contosonews.com.
  3. Once the CNAME mapping from the domain to your Front Door is validated, click on Add to add the custom domain.
  4. Click Save to submit the changes.

Enable HTTPS on your custom domain

  1. Click on the custom domain that was added and under the section Custom domain HTTPS, change the status to Enabled.
  2. You can leave the Certificate management type set to Front Door managed for the free certificate maintained, managed, and autorotated by Front Door. You can also choose to use your own custom TLS/SSL certificate stored with Azure Key Vault. This tutorial assumes that the use of Front Door managed certificate.
  3. Click on Update to save the selection and then click Save.
  4. Click Refresh after a couple of minutes and then click on the custom domain again to see the progress of certificate provisioning.

Configure the routing rules for the custom domain

  1. Click on the redirect routing rule created earlier.
  2. Furthermore, Click on the dropdown for Frontend hosts and select your custom domain to apply this route for your domain as well.
  3. Also, Click Update.
  4. Do the same operation for the other routing rule as well that is, for your forwarding route to add the custom domain.
  5. Click Save to submit your changes.
free practice test for AZ- 303

Go back to the home page

Reference documentation – Create a Front Door with HTTP to HTTPS redirection using the Azure portal

Menu