Hosting an Azure App Service on an apex/naked domain

Question

I have created an Azure App Service site which is moving to production.

I am having some problems with the fact that Azure can only handle SSL/TLS for subdomains.

My subdomain www.abc123.com is currently using a CNAME record to point to the App Service, this works well and SSL works flawlessly.

However the apex/naked domain abc123.com can't use a CNAME record as email is handled by gmail and the CNAME root record would interfere with the MX record (?).

I have tried adding an A record for abc123.com to point to my App Service IP address, this forwards traffic but gives an SSL error as Azure requires a CNAME for SSL to function.

I have made a messy workaround which is an A record for abc123.com pointing the IP of an Apache server serving other sites, this server uses the .htaccess to redirect to the www.abc123.com domain.

Is there any way to handle this natively in Azure? Or a service that would perform the same function that my Apache server is doing? Or even a way to add a CNAME and have email still work for the domain?

Answer 1

A clarification first, App Services do support SSL for apex domains using an A record, however the free certificate offering in app service does not currently support this. You can follow the uservoice item for this here

You can however use an SSL certificate for the apex A record if you supply your own SSL cert, either using an Azure App Service Certificate (this is a separate product in Azure) or purchasing an SSL cert from any other provider and importing this into your app service.

Answer 2

Another option is to use a service like http://wwwizer.com/. It performs a naked redirect to www and it has a static IP. I know it isn't great, but it might help you.