New Training: Configure Advanced Security for Compute

In this 6-video skill, CBT Nuggets trainer Daniel Sasse reviews the options available to Azure administrators, engineers and architects to protect and maintain Azure computer services, including VM updates, Disk Encryption and Vulnerability Protection. Watch this new Azure training.

Watch the full course: Microsoft Certified: Azure Security Engineer Associate

This training includes:

• 6 videos

• 58 minutes of training

You’ll learn these topics in this skill:

• Configure SSL & TLS Certs

• Configure Endpoint Protection

• Configure and Monitor System Updates for VMs

• Configure Automatic Updates

• Implement Vulnerability Management

• Implement Azure Disk Encryption

What Options are Available for Adding an SSL/TSL Certificate in Azure?

You can use a free managed certificate from Azure to secure your custom domain. But keep in mind that this certificate has many limitations, such as it doesn't support wildcards or naked domains. It also doesn't support A records.

You can also buy a managed certificate from Azure. They, in turn, will purchase the certificate from GoDaddy for you and perform domain verification of it. They will further maintain the certificate in Azure Key Vault and manage certificate renewals.

If you use Azure Key Vault, you can import a PKCS12 certificate from it. This certificate must be exported as a password-protected PFX file, contain a private key that's at least 2,048 bit long, and the certificate chain must contain all intermediate certificates.

If you have already bought a compliant private certificate from a provider, you can upload it into Azure. You can also upload a public certificate that you own as well, but you will only be able to use this for accessing remote resources.