In this blog I will show how to use a custom domain with Azure blob storage. By default when you create an Azure blob storage the url will be:
https://<mystorageaccount>.blob.core.windows.net/<container>/<blob>
This may be fine when you use the blob storage for a background used in Intune, but when you use this blob storage to share files or documents it may be convenient to use a Custom domain with Azure blob storage.
At the moment there two ways to use custom domains with an Azure blob storage, depending on the requirement of HTTPS you should choose one over the other. The most simple and cheapest way is adding a custom domain to the blob storage, but this will only support http. If you require HTTPS connections to your storage blob then you will need to enable CDN on the storage blob. This will add some additional costs. In this blog I will show how to configure a custom domain with HTTP and HTTPS configuration, but first I will create a blob storage with a container with public access to use for the demo.
Create a Blob Storage
1. Create a storage account using default settings.
2. Create a container in the blob storage to upload an blob (file).
3. Upload a file (blob) to the created container. I will use the default Windows background:
"C:\Windows\Web\Wallpaper\Windows\img0.jpg"
Configure custom domain with HTTP
Now we are going to configure the custom domain with http. If you want to use HTTPS, skip this part and go to configure custom domain with HTTPS (step 10).
4. Go to the previously created storage account and select “Settings” -> “Configuration” -> Disable “Secure transfer required” and press “Save”.
5. Select “Settings” -> “Properties” -> copy the blob service url to notepad and remove the protocol identifier and the slash at the end like this:
sacustomurl.blob.core.windows.net |
6. Sign in to your domain registrar and go to the dns management page. Add a new CNAME for the storage blob e.g. customurl@vmlabblog.com and enter the edited blob service url (step 5.) as value:
7. Go to storage account and select Blob service-> custom domain. Enter the created custom domain (e.g. customurl.vmlabblog.com) and press “Save” to save the custom domain.
8. You may get the following error if the CNAME hasn’t been processed yet. Wait for some time and try step 6 again.
9. You can now connect to the blob storage using the new custom domain using the url:
http://customurl.vmlabblog.com/test/img0.jpg
Configure Custom domain with HTTPS
10. Go to the previously created storage account and select “Blob service” -> “Azure CDN”. Create a new CDN profile for the Storage blob. Enter a profilename, select pricing tier “Standard Microsoft” and enter a CDN endpoint name. Press “Create” to create the CDN endpoint and wait for the profile to be created.
11. Click on the new CDN endpoint.
12. In the Azure endpoint settings select “Settings” -> “Custom domains” and press “+ Custom domain”
13. Sign in to your domain registrar and go to the dns management page. Add a new CNAME for the CDN endpoint e.g. customurl@vmlabblog.com and enter the Endpoint hostname as value:
14. Enter the Custom hostname you want to use to access the files and press “Add” (it may take some time before the DNS changes have been processed)
15. Wait for custom domain to be created and select the created domain name.
16. I will be using the CDN managed certificate management, but you can also use your own certificate from an Azure Key vault. Select “Custom domain HTTPS” -> On and press “Save”
17. Wait for the status to be completed.
18. Now you will be able to connect with https to the blob storage using a custom domain.
"https://customurl.vmlabblog.com/test/img0.jpg"