You can add digital security certificates to use in your application code or to secure custom DNS names in Azure App Service, which provides a highly scalable, self-patching web hosting service. Currently called Transport Layer Security (TLS) certificates, also previously known as Secure Socket Layer (SSL) certificates, these private or public certificates help you secure internet connections by encrypting data sent between your browser, websites that you visit, and the website server.
Different options are possible : Add and manage TLS/SSL certificates - Azure App Service | Microsoft Learn
...
Free managed certificate : A private certificate that's free of charge and easy to use if you just need to secure your custom domain in App Service.
Import App Service certificate : A private certificate that's managed by Azure. It combines the simplicity of automated certificate management and the flexibility of renewal and export options.
Import PFX certificate (private) : If you already have a private certificate from a third-party provider, you can upload it. See Private certificate requirements.
Import from Key Vault : Useful if you use Azure Key Vault to manage your PKCS12 certificates. See Private certificate requirements.
Import public certificate (cer) : Public certificates aren't used to secure custom domains, but you can load them into your code if you need them to access remote resources.
| Note |
|---|
By default, the App Service resource provider doesn't have access to your key vault. To use a key vault for a certificate deployment, you must authorize read access for the resource provider to the key vault. |