i'm trying to use the recently announced (in preview) managed certificates for azure app service. one of the limitations is, you can't get one for naked domains. eg.: you can get one for www.domain.com, but not domain.com.
in my wb.config, i'm redirecting from 'naked' to 'www' anyway using rewrite rules, so beeing limited to 'www' is not a real problem. However, as the redirect takes place at the web.config level, that is, after the request has hit the webserver, this is too late: when 'domain.com' gets hit and tried to redirect, the browser has already seen the insecure connection to the naked domain (depending on browser) will display a warning page.
so how is one supposed to do deal with the "naked" domains? No more redirects at all? Or are there other methods to do this besides web.config configurations? i did look, but did not find anything.
If your using Azure DNS, or another DNS provider that supports it you can use Alias records to point www to your apex.