I'm trying to host a static website on Azure storage with a custom domain and HTTPS.
I have created a storage account, uploaded my files, and enabled static site hosting. The site works nicely from the <foo>.web.core.windows.net domain provided by Azure.
I have created a CDN endpoint for the site with the origin hostname set to the primary endpoint provided by Azure, added a custom domain for my www subdomain, provisioned a CDN-managed certificate for it, and added a rule to redirect non-HTTPS requests to https://www.<my-domain>.com. This also works well.
Now I want my apex domain to redirect to my www subdomain.
CNAMEs aren't an option, but I have added an alias A record for @ pointing to my CDN endpoint and added the apex domain as a custom domain to the CDN.
Requests to http://<my-domain>.com redirect nicely, but requests to https://<my-domain>.com understandably give a scary SSL_ERROR_BAD_CERT_DOMAIN error. Azure does not support CDN-managed certificate for apex domains:
CDN-managed certificates are not available for root or apex domains. If your Azure CDN custom domain is a root or apex domain, you must use the Bring your own certificate feature.
I don't want to actually host anything on my apex domain—I just want to redirect it to my www subdomain. Manually provisioning (and maintaining) a certificate seems like a lot of overhead.
The domain registrar, GoDaddy, has a "forwarding" feature that did what I want, but I prefer to keep my DNS hosted with Azure.
Is there a way to redirect apex domain HTTPS requests to my www subdomain without manually provisioning a certificate for my apex domain or moving my DNS out of Azure?