Before creating a keystore on Linux and installing SSL, you need to use az group create to create resources. For example, to create a resource group named "myResourceGroupSecureWeb", you need to copy the Azure CLI to the corresponding folder, then create the keystore using az keyvault create, and enable the keystore when deploying the VM.

Each keystore needs to have a unique name, all in lowercase letters, and then replace the name with its own unique keystore name to generate a certificate and store it in the keystore. In order to make the website SSL safe to use, everyone needs to be signed by a trusted program to become a valid certificate when installing SSL import in Linux.

Second, prepare a certificate for the virtual machine.

To use the above certificate in the process of VM creation, you need to use az keyvault secret list-versions to obtain the unique ID of the certificate, and then convert the certificate through az vm format-secret. The specific operation is to create a cloud-init configuration to protect NGINX, customize it when the VM starts for the first time, and then install and write files through cloud-init, or configure users and security.

No other steps and agents are required except to run cloud-init when the Linux installation certificate is initially started. It takes several minutes to create the virtual machine, install the software package and start the application. After creation, test whether the Web application is secure. If the ssl certificate of Linux is installed with a self-signed security certificate, there will be a security warning on the web page to remind users of unsafe factors.

Compared with other systems, Linux ssl certificate installation is relatively simple. However, it should be noted that the Linux installation certificate has certain requirements for the domestic and international network environment. If not changed in time, SSL certificate configuration will fail.