I have an Azure API App Service that I want to configure "priority" traffic management for. I have deployed the service to two separate Azure regions and configured a Traffic Manager instance to perform priority routing to the two service instances. The services have the following custom domain configurations:
foo1.mydomain.com
foo2.mydomain.com
I have A records for both subdomains pointing at the respective Azure App Service IP addresses.
I have also attached a wildcard cert to the services and everything works nicely if I navigate to https://foo1.mydomain.com or https://foo2.mydomain.com. Traffic Manager endpoint monitoring shows both endpoints as being online and enabled.
Now, I want to have clients make requests to a vanity endpoint: foo.mydomain.com, which I have created a CNAME for. The CNAME is pointed at the Traffic Manager instance URL myapi.trafficmanager.net.
When I attempt to resolve the vanity URL using SSL/TLS, i.e., https://foo.mydomain.com, I get a certificate error, because Traffic Manager is attaching an *.azurewebsites.net certificate.
My question: How do I properly configure Azure Traffic Manager to do priority routing for two custom domain names using my SSL/TLS cert and a vanity URL?