Deploy Web App with CDN, add Custom Domain with TLS ( WordPress and MySQL)

Well you will notice that my preference for Azure Deployments is Azure DevOps and Azure Repos. So this particular deployment is an example with a bonus! Add your custom domain with an Azure provided Certificate and there you have it! Your site ready to go with brand new HTTPS ! We will also utilize CDN Rules to force HTTPS !

First of all we should have an Organization and a Project created on

Download the files from :

Before anything we must create the Service Connection so from our Azure DevOps Project Settings, Service Connections let’s create an Azure Resource Manager connection:

Select Service Principal, either you have already a Service Principal with Contributor role or you can do it from here, Don’t forget to add the RBAC Role in Azure-Subscriptions-IAM Roles, if you select automatic.

Let’s import our template right? Where ? Go to Repos , create a repo , add a Readme.txt or whatever empty file. You can then upload your code or import from GitHub, in our case we have created a folder and Uploaded our files :

Create a folder on your repo

For any project that is private or public, the size of the repo should not be greater than 250GB

Now lets create the deployement pipeline! From Pipelines , select Releases , add new Release Pipeline and from there select your artifact , which will be the Azure Repo Folder with the default values:

I prefer to change the Alias and remove the underscore

Then we must create the actual Job, so click the highlighted 1 job, 0 Tasks and there we must select the machine which will run the Code for us, this time Select Azure Pipelines and Windows Latest.

We can deploy our own VMs or Scale Sets for more complex and demanding Tasks.

Select Azure Pipelines, Windows Latest and leave default settings

Click the + Plus icon, and Search for ARM Template Deployment and add it.Can you see in this image that we can change the Release name ? It is editable just click and write the name of your choice, on the upper left corner of the Pipeline.

Select the Service Connection, Subscription , add a new Resource Group or select an existing one, select location and add the file from the dotted menu, from our folder we uploaded our files. Notice the artifact name on the root menu. Deployment mode must stay Incremental, and you can give a deployment name which later we will observe on the Resource Group Deployments option from Azure Portal.

Add a Task by clicking the + {Plus} sign next to the Agent Job

This is how our release Pipeline will look like. We can override Template parameters as you can see , for now select Save you may add an optional comment and create a release just click Create. If you select the option “Stages for a trigger change from automated to manual.”, we must manually select Deploy from the Pipelines menu.

From the Pipelines menu we can observe logs and how it is deployed. At the same time there is a deployment running on Azure :

The Resource Group Deployments Menu shows our deployment

Our Deployment is complete, a WebApp with MySQL backend and a CDN Endpoint so let’s explore this one!

From the FrontDoor/CDN Profiles selection , click on the newly generated endpoint. There we can see the option Custom Domain. It is time to click it and cerate a CNAME for our Website e.x “” pointing to the endpoint we are presented.

If the Custom Domain has not enabled Custom HTTPS , open it and turn it on, select CDN Managed , and click save. If your CNAME is replicated on time, the CDN will add the Certificate for you site to enable HTTPS! Pretty cool right ? And we are not done, just a final touch to force only HTTPS from the CDN Rules Engine !

The process can take a few minutes. Once it is finished we have our Custom Domain protected with CDN Certificate, and we can make our final touches, using the CDN Rules Engine. Select the endpoint from Front Door\CDN Profiles and go to Rules Engine.

CDN Endpoint Rules Engine adds a lot of flexibility to our Web Application

There are a lot of Options and flexibility for your URLs with the Rules Engine. Below is the guide to Redirect-Force HTTPS, from the Official Documentation

Test your deployment, add the /wp-admin after the URL to deploy the WordPress engine and start building your sites!

I believe this is a smooth introduction to Azure DevOps Pipelines, as we deployed an ARM Template which included Bicep configuration files, and we saw the integration with Azure and of course the CDN Endpoint which supplied a TLS Certificate for our WordPress installation!

Useful links:

Spread the word. Share this post!

Leave Comment