Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enable SSL on custom domains for CDN using users certificate or CDN managed c… #5276

Merged
merged 1 commit into from
Feb 28, 2019
Merged

Enable SSL on custom domains for CDN using users certificate or CDN managed c… #5276

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
176 changes: 174 additions & 2 deletions specification/cdn/resource-manager/Microsoft.Cdn/stable/2017-10-12/cdn.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1653,8 +1653,11 @@
"description": "Enable https delivery of the custom domain.",
"operationId": "CustomDomains_EnableCustomHttps",
"x-ms-examples": {
"CustomDomains_EnableCustomHttps": {
"$ref": "./examples/CustomDomains_EnableCustomHttps.json"
"CustomDomains_EnableCustomHttpsUsingYourOwnCertificate": {
"$ref": "./examples/CustomDomains_EnableCustomHttpsUsingBYOC.json"
},
"CustomDomains_EnableCustomHttpsUsingCDNManagedCertificate" :{
"$ref": "./examples/CustomDomains_EnableCustomHttpsUsingCDNManagedCertificate.json"
}
},
"parameters": [
Expand Down Expand Up @@ -1682,6 +1685,15 @@
"required": true,
"type": "string"
},
{
"name": "customDomainHttpsParameters",
"in": "body",
"description": "The configuration specifying how to enable HTTPS for the custom domain - using CDN managed certificate or user's own certificate. If not specified, enabling ssl uses CDN managed certificate by default.",
"required": false,
"schema": {
"$ref": "#/definitions/CustomDomainHttpsParameters"
}
},
{
"$ref": "#/parameters/subscriptionIdParameter"
},
Expand Down Expand Up @@ -2765,6 +2777,166 @@
}
}
},
"CustomDomainHttpsParameters": {
"description": "The JSON object that contains the properties to secure a custom domain.",
"discriminator": "certificateSource",
"required": [
"certificateSource",
"protocolType"
],
"properties": {
"certificateSource": {
"description": "Defines the source of the SSL certificate.",
"enum": [
"AzureKeyVault",
"Cdn"
],
"type": "string",
"x-ms-enum": {
"name": "CertificateSource",
"modelAsString": true
}
},
"protocolType": {
"description": "Defines the TLS extension protocol that is used for secure delivery.",
"enum": [
"ServerNameIndication",
"IPBased"
],
"type": "string",
"x-ms-enum": {
"name": "ProtocolType",
"modelAsString": true
}
}
}
},
"CdnManagedHttpsParameters": {
"description": "Defines the certificate source parameters using CDN managed certificate for enabling SSL.",
"x-ms-discriminator-value": "Cdn",
"allOf": [
{
"$ref": "#/definitions/CustomDomainHttpsParameters"
}
],
"required": [
"certificateSourceParameters"
],
"properties": {
"certificateSourceParameters": {
"description": "Defines the certificate source parameters using CDN managed certificate for enabling SSL.",
"$ref": "#/definitions/CdnCertificateSourceParameters"
}
}
},
"CdnCertificateSourceParameters": {
"description": "Defines the parameters for using CDN managed certificate for securing custom domain.",
"required": [
"@odata.type",
"certificateType"
],
"properties": {
"@odata.type": {
"type": "string",
"enum": [
"#Microsoft.Azure.Cdn.Models.CdnCertificateSourceParameters"
]
},
"certificateType": {
"description": "Type of certificate used",
"enum": [
"Shared",
"Dedicated"
],
"type": "string",
"x-ms-enum": {
"name": "CertificateType",
"modelAsString": true
}
}
}
},
"UserManagedHttpsParameters": {
"description": "Defines the certificate source parameters using user's keyvault certificate for enabling SSL.",
"x-ms-discriminator-value": "AzureKeyVault",
"allOf": [
{
"$ref": "#/definitions/CustomDomainHttpsParameters"
}
],
"required": [
"certificateSourceParameters"
],
"properties": {
"certificateSourceParameters": {
"description": "Defines the certificate source parameters using user's keyvault certificate for enabling SSL.",
"$ref": "#/definitions/KeyVaultCertificateSourceParameters"
}
}
},
"KeyVaultCertificateSourceParameters": {
"description": "Describes the parameters for using a user's KeyVault certificate for securing custom domain.",
"required": [
"@odata.type",
"subscriptionId",
"resourceGroupName",
"vaultName",
"secretName",
"secretVersion",
"updateRule",
"deleteRule"
],
"properties": {
"@odata.type": {
"type": "string",
"enum": [
"#Microsoft.Azure.Cdn.Models.KeyVaultCertificateSourceParameters"
]
},
"subscriptionId": {
"description": "Subscription Id of the user's Key Vault containing the SSL certificate",
"type": "string"
},
"resourceGroupName": {
"description": "Resource group of the user's Key Vault containing the SSL certificate",
"type": "string"
},
"vaultName": {
"description": "The name of the user's Key Vault containing the SSL certificate",
"type": "string"
},
"secretName": {
"description": "The name of Key Vault Secret (representing the full certificate PFX) in Key Vault.",
"type": "string"
},
"secretVersion": {
"description": "The version(GUID) of Key Vault Secret in Key Vault.",
"type": "string"
},
"updateRule": {
"description": "Describes the action that shall be taken when the certificate is updated in Key Vault.",
"type": "string",
"enum": [
"NoAction"
],
"x-ms-enum": {
"name": "UpdateRule",
"modelAsString": true
}
},
"deleteRule": {
"description": "Describes the action that shall be taken when the certificate is removed from Key Vault.",
"type": "string",
"enum": [
"NoAction"
],
"x-ms-enum": {
"name": "DeleteRule",
"modelAsString": true
}
}
}
},
"CustomDomainListResult": {
"description": "Result of the request to list custom domains. It contains a list of custom domain objects and a URL link to get the next set of results.",
"properties": {
Expand Down
16 changes: 0 additions & 16 deletions ...rce-manager/Microsoft.Cdn/stable/2017-10-12/examples/CustomDomains_EnableCustomHttps.json
View file
Open in desktop

This file was deleted.

30 changes: 30 additions & 0 deletions ...er/Microsoft.Cdn/stable/2017-10-12/examples/CustomDomains_EnableCustomHttpsUsingBYOC.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
{
"parameters": {
"api-version": "2017-10-12",
"subscriptionId": "subid",
"resourceGroupName": "RG",
"profileName": "profile1",
"endpointName": "endpoint1",
"customDomainName": "www-someDomain-net",
"customHttpsParameters": {
"certificateSource": "AzureKeyVault",
"protocolType": "ServerNameIndication",
"certificateSourceParameters": {
"OData.type":"#Microsoft.Azure.Cdn.Models.KeyVaultCertificateSourceParameters",
"subscriptionId":"subid",
"resourceGroupName":"RG",
"vaultName":"kv",
"secretName" : "secret1",
"secretVersion" :"00000000-0000-0000-0000-000000000000",
"updateRule": "NoAction",
"deleteRule": "NoAction"
}
}
},
"responses": {
"200": {
"body": {
}
}
}
}
24 changes: 24 additions & 0 deletions ...stable/2017-10-12/examples/CustomDomains_EnableCustomHttpsUsingCDNManagedCertificate.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
{
"parameters": {
"api-version": "2017-10-12",
"subscriptionId": "subid",
"resourceGroupName": "RG",
"profileName": "profile1",
"endpointName": "endpoint1",
"customDomainName": "www-someDomain-net",
"customHttpsParameters": {
"certificateSource": "Cdn",
"protocolType": "ServerNameIndication",
"certificateSourceParameters": {
"OData.type":"#Microsoft.Azure.Cdn.Models.CdnCertificateSourceParameters",
"certificateType":"Shared"
}
}
},
"responses": {
"200": {
"body": {
}
}
}
}