Tag: Infrastructure

SSL binding in Azure App Service

~ Nikhil Kulkarni ~ Leave a comment

Hi Champs,

In part one we discussed how we can add custom domain in Sitecore App Service. Today we will go through how we can secure this custom domain with SSL bindings, so without doing any further delay below are the points to add SSL bindings.

Secure a custom domain

Do the following steps:

In the Azure portal, from the left menu, select App Services > <app-name>.

From the left navigation of your app, start the TLS/SSL Binding dialog by:

  • Selecting Custom domains > Add binding
  • Selecting TLS/SSL settings > Add TLS/SSL binding

Add binding to domain

In Custom Domain, select the custom domain you want to add a binding for.

If your app already has a certificate for the selected custom domain, go to Create binding directly. Otherwise, keep going.

Add a certificate for custom domain

If your app has no certificate for the selected custom domain, then you have two options:

 Note

You can also Create a free certificate (Preview) or Import a Key Vault certificate, but you must do it separately and then return to the TLS/SSL Binding dialog.

Create binding

Use the following table to help you configure the SSL binding in the TLS/SSL Binding dialog, then click Add Binding.

Setting Description
Custom domain The domain name to add the SSL binding for.
Private Certificate Thumbprint The certificate to bind.
TLS/SSL Type
  • SNI SSL – Multiple SNI SSL bindings may be added. This option allows multiple SSL certificates to secure multiple domains on the same IP address. Most modern browsers (including Internet Explorer, Chrome, Firefox, and Opera) support SNI (for more information, see Server Name Indication).
  • IP SSL – Only one IP SSL binding may be added. This option allows only one SSL certificate to secure a dedicated public IP address. After you configure the binding, follow the steps in Remap A record for IP SSL.
    IP SSL is supported only in Production or Isolated tiers.

Once the operation is complete, the custom domain’s SSL state is changed to Secure.

SSL binding successful

 Note

Secure state in the Custom domains means that it is secured with a certificate, but App Service doesn’t check if the certificate is self-signed or expired, for example, which can also cause browsers to show an error or warning.

Remap A record for IP SSL

If you don’t use IP SSL in your app, skip to Test HTTPS for your custom domain.

By default, your app uses a shared public IP address. When you bind a certificate with IP SSL, App Service creates a new, dedicated IP address for your app.

If you mapped an A record to your app, update your domain registry with this new, dedicated IP address.

Your app’s Custom domain page is updated with the new, dedicated IP address. Copy this IP address, then remap the A record to this new IP address.

Test HTTPS

In various browsers, browse to https://<your.custom.domain> to verify that it serves up your app.

Portal navigation to Azure app

Advertisement

Working with Sitecore Managed Cloud

~ Nikhil Kulkarni ~ 1 Comment

Hi Champs,

Today I am going to share my experience of working with Sitecore Managed Cloud from scratch. In my scenario, it was fresh website deployment on Sitecore Managed Cloud offering which I will split this is below section to make it better. Sorry but this is a bit lengthy and theoretical article which may get boring but reading this article will give you a better understanding of working practically with Sitecore Managed Cloud.

Engaging the Customer:

In this process, you need to agree with Customer and Sitecore that you will be using this offering from Sitecore. For that Sitecore Team and you need to list down the benefits like below for this offering.

  1. Service availability is managed by the Sitecore team.
  2. Sitecore Managed Cloud Team will be responsible to set entire infrastructure.
  3. Depending on traffic/expected traffic Sitecore Managed Cloud team suggests the Scaled environment topology be used in the Production environment.
  4. Sitecore Managed Cloud team will be monitoring the activities and report any unwanted incident happens and try to help the Partner team to work on that exact point to make sure that nothing is going wrong.

Step-in to procure:

In this process Customer and Partner team has to sign an agreement and procure the Sitecore Managed Cloud services and also add it to Sitecore License. At the same time Partner and Customer has to also need to provide information about different modules that are used in the implementation so that Sitecore License will have all the necessary conditions applied to it. Once this is done Sitecore Managed Cloud team will assign a ticket to Client for feeling the same information and some more information. This ticket will have table which you guys need to fill for information like including things like Solr/Azure search, EXM, JSS, and different modules if applicable. After this Sitecore Managed Cloud team will commission environments like (Dev, QA, Prod)  as mentioned by you with all the credentials details.

Set-up Azure DevOps:

This process is a bit useful for developers and DevOps guys. You need to follow the below steps.

  1. Create a release pipelines according to branches and strategies.
  2. Once this is done when now you need to change the subscriptions and resources to Sitecore Managed Cloud.
  3. For above you need to add Service Connection for your Azure DevOps.
  4. To get service connection you need to create a Sitecore Ticket so that Sitecore Managed Cloud team will create Service Connection and will share the details to you.
  5. Onccce that is in place you need to create Service Connection in you Azure DevOps and apply right Subscriptions and resources to right task and jobs in pipelines according to environments.
  6. Now you are ready for a fully automated Sitecore System and can deploy everything step by step on respective environment and test the implementation.

Note:

  1. In Sitecore Scaled environment you will get different web apps for each service like cm, cd, processing, redis, xConnect, xcSearch, and others.
  2. As Solr comes as a different Cloud offering in Sitecore Managed Cloud so that will be partially maintained by Sitecore Managed Cloud team but for more information on this you can check with Sitecore itself.
  3. While implementing this if you face any issues you need to follow same process of raising the Sitecore support ticket to get solutions.
  4. For escalations and different leadership help, Sitecore assigns a Customer Success Manager for this offering which is a great help from Sitecore.

Happy Learning Sitecore…..