Click here to close now.


Microservices Expo Authors: Liz McMillan, Janakiram MSV, Don MacVittie, Elizabeth White, Pat Romanski

Related Topics: Microsoft Cloud, Microservices Expo, Containers Expo Blog, Silverlight, @CloudExpo

Microsoft Cloud: Blog Feed Post

Step-by-Step: Connect System Center 2012 App Controller to Windows Azure

Setting up System Center App Controller to drive Windows Azure

The article I’m writing for part 13 our “31 Days of Servers in the Cloud” series involves using App Controller to create a virtual machine.  But to do this, you first need to connect and associate App Controller (a component of System Center 2012) with your Windows Azure subscription.

So in today’s Part 12, as a preliminary document for part 13, in this article I’m going to show you how to connect App Controller to your Windows Azure account.

To do this, we need to have a few preliminaries in place:

  1. You have a Windows Azure subscription, and have requested the ability to preview the use of Windows Azure virtual machines.  (If you don’t have an account, you can start a free 90-day trial HERE.)
  2. You have System Center 2012 App Controller installed.  (Download the System Center 2012 Private Cloud evaluation software HERE.) 
    NOTE: In my examples I’m using System Center 2012 SP1 App Controller, which at the time of this writing is available to TechNet and MSDN subscribers and volume license customers only; but will very soon be generally available.  I will update this blog post as soon as that happens.

Connect App Controller to your Windows Azure subscription
To make this happen, you first have to have a management certificate in place.  This makes up the bulk of the complexity involved.  It must be a management certificate that has a key length of at least 2048 bits and resides in the Personal certificate store.  To make this all work, you’ll need both a .cer file, which is the exported certificate that you’ll upload as the management certificate in Windows Azure, and a.pfx (personal information exchange) certificate file that you’ll  use to connect App Controller to your Azure subscription.  You can create this self-signed certificate easily in one of two ways:

  1. If you have Visual Studio installed, you can use the makecert command from the Visual Studio command prompt to create the certificate and at the same time create the exported .cer file that you can upload into Azure.   Ore…
  2. More likely if, like me, you’re not a developer, you’ll use IIS (Internet Information Services) to create the self-signed certificate.  Add IIS either as a role to a Windows Server, or even as an to Windows 8.

For my example, I’m going to use IIS that I’m going to install on Windows 8.

Install IIS on Windows 8
In the “Turn Windows features on or off” section of the “Add or Remove Programs” (just search from your Start Screen), add the IIS Management Console feature:


Generate the Self-Signed Certificate
Once installed, open up the IIS Manager.  Double-click on “Server Certificates”, and then in the Actions pane on the right, select “Create Self-Signed Certificate”.


Give your certificate a friendly name that you’ll recognize later, and click OK.

Export the .pfx File
Next, we need to export the new certificate as a .pfx file.  (This is the file we’ll later use to connect App Controller to our Windows Azure subscription.)  You can create this from IIS Management as well.   With your new certificate selected, click export in the Actions pane.  Choose a file name and destination for the file, set a password, and click OK.


Once this is done, and if you have no further use of IIS on your Windows 8 machine, you can remove it just as easily as you added it.  You won’t need it for anything more here.

Generate the .cer file.
Now we need a .cer file – the exported certificate that we will upload into our Windows Azure subscription.  The certificate we just created is in the Local Computer certificates store, so we could either need to use MMC and the “Certificates” snap-in to get to and export the certificate from there, OR we could import the .pfx into the personal certificate store and then export it from there.  I’ll describe the latter..

Run certmgr.msc as a quick way to open up MMC connected to the current user’s certificate store, and navigate to Personal –> Certificates


Right-Click on Certificates, and under All Tasks, select Import…

In the Certificate Import Wizard, click Next, and then browse to and select your recently created .pfx file.  (NOTE: You’ll have to change the file type you’re looking for to include .pfx files in order to see it as you navigate)


Click Next.

Enter the password you used to secure your .pfx file, and click Next.

Leave the Certificate Store as the Personal store.  Click Next, and then click Finish to complete the import.

Now in the list of your certificates in the personal certificate store, you should see a certificate that contains a friendly name you used earlier (in my case it’s “MyAzureMgmtCert”).   Right-click on your certificate, and under All Tasks, select Export.

Just use the defaults through this wizard, browse to a location for and name your certificate:


Click Next and then Finish.

Okay.  Now you have both the .pfx and the .cer files you’ll need to connect App Controller to Windows Azure.

Upload the .cer to Windows Azure.

In the Windows Azure portal, at the bottom left, select Settings, and then click Upload.


Browse to and select your .cer file:


Click the Check Box, and in a few seconds you should see a notification telling you that your upload is successful.  You should also see your certificate added to the list of management certificates

Connect App Controller to Windows Azure
Before we make the connection, we’ll need to have our Windows Azure Subscription ID.  The subscription ID is a long set of numbers, formatted to look something like this: 00000000-0000-0000-0000-000000000000

You can get this a number of different ways.

  • If you have any storage defined or any virtual machines created, you can select them and see the subscription ID on the bottom right of the “quick glance” information.
  • If you have Windows Azure PowerShell installed and connected to your subscription, you can simply run the “Get-AzureSubscription” cmdlet to see the Subscription ID.
  • Or most easily since we’ve just uploaded one, you can see the subscription ID as one of the columns in our list of management certificates.

Copy the subscription ID to the clipboard.

Now we’re ready to open up App Controller and log in as your administrative account.

In the Overview pane, under Public Clouds, click “Connect a Windows Azure Subscription


Paste your subscription ID into the appropriate field, browse to and select your .pfx certificate file, enter the password, and give your connection a name and optional description.


Once you click OK, you should soon see that you have a Windows Azure subscription connected.  If you had any virtual machines or services running in Windows Azure, you’ll be able to see those represented here also.


And that’s it!  You’re connected!

Now you can do really cool things like using App Controller to create Virtual Machines in Windows Azure.


I hope you found this useful!  If you have any questions or comments, please add them to the comments and we can discuss them.

More Stories By Kevin Remde

Kevin is an engaging and highly sought-after speaker and webcaster who has landed several times on Microsoft's top 10 webcast list, and has delivered many top-scoring TechNet events and webcasts. In his past outside of Microsoft, Kevin has held positions such as software engineer, information systems professional, and information systems manager. He loves sharing helpful new solutions and technologies with his IT professional peers.

A prolific blogger, Kevin shares his thoughts, ideas and tips on his “Full of I.T.” blog ( He also contributes to and moderates the TechNet Forum IT Manager discussion (, and presents live TechNet Events throughout the central U.S. ( When he's not busy learning or blogging about new technologies, Kevin enjoys digital photography and videography, and sings in a band. (Q: Midlife crisis? A: More cowbell!) He continues to challenge his TechNet Event audiences to sing Karaoke with him.

@MicroservicesExpo Stories
In a report titled “Forecast Analysis: Enterprise Application Software, Worldwide, 2Q15 Update,” Gartner analysts highlighted the increasing trend of application modernization among enterprises. According to a recent survey, 45% of respondents stated that modernization of installed on-premises core enterprise applications is one of the top five priorities. Gartner also predicted that by 2020, 75% of
SYS-CON Events announced today that Super Micro Computer, Inc., a global leader in high-performance, high-efficiency server, storage technology and green computing, will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Supermicro (NASDAQ: SMCI), the leading innovator in high-performance, high-efficiency server technology is a premier provider of advanced server Building Block Solutions® for Data ...
As operational failure becomes more acceptable to discuss within the software industry, the necessity for holding constructive, actionable postmortems increases. But most of what we know about postmortems from "pop culture" isn't actually relevant for the software systems we work on and within. In his session at DevOps Summit, J. Paul Reed will look at postmortem pitfalls, techniques, and tools you'll be able to take back to your own environment so they will be able to lay the foundations for h...
Containers are all the rage among developers and web companies, but they also represent two very substantial benefits to larger organizations. First, they have the potential to dramatically accelerate the application lifecycle from software builds and testing to deployment and upgrades. Second they represent the first truly hybrid-approach to consuming infrastructure, allowing organizations to run the same workloads on any cloud, virtual machine or physical server. Together, they represent a ver...
Now, with more hardware! September 21, 2015, Don MacVittie, Sr. Solutions Architect. The “continuous” trend is continuing (get it..?), and we’ll soon reach the peek of the hype cycle, with continuous everything. At the pinnacle of the hype cycle, do not be surprised to see DDOS attacks re-branded as “continuous penetration testing!” and a fee … Read More Continuous Provisioning
SYS-CON Events announced today the Containers & Microservices Bootcamp, being held November 3-4, 2015, in conjunction with 17th Cloud Expo, @ThingsExpo, and @DevOpsSummit at the Santa Clara Convention Center in Santa Clara, CA. This is your chance to get started with the latest technology in the industry. Combined with real-world scenarios and use cases, the Containers and Microservices Bootcamp, led by Janakiram MSV, a Microsoft Regional Director, will include presentations as well as hands-on...
Opinions on how best to package and deliver applications are legion and, like many other aspects of the software world, are subject to recurring trend cycles. On the server-side, the current favorite is container delivery: a “full stack” approach in which your application and everything it needs to run are specified in a container definition. That definition is then “compiled” down to a container image and deployed by retrieving the image and passing it to a container runtime to create a running...
Despite all the talk about public cloud services and DevOps, you would think the move to cloud for enterprises is clear and simple. But in a survey of almost 1,600 IT decision makers across the USA and Europe, the state of the cloud in enterprise today is still fraught with considerable frustration. The business case for apps in the real world cloud is hybrid, bimodal, multi-platform, and difficult. Download this report commissioned by NTT Communications to see the insightful findings – registra...
SYS-CON Events announced today that Dyn, the worldwide leader in Internet Performance, will exhibit at SYS-CON's 17th International Cloud Expo®, which will take place on November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Dyn is a cloud-based Internet Performance company. Dyn helps companies monitor, control, and optimize online infrastructure for an exceptional end-user experience. Through a world-class network and unrivaled, objective intelligence into Internet condit...
Saviynt Inc. has announced the availability of the next release of Saviynt for AWS. The comprehensive security and compliance solution provides a Command-and-Control center to gain visibility into risks in AWS, enforce real-time protection of critical workloads as well as data and automate access life-cycle governance. The solution enables AWS customers to meet their compliance mandates such as ITAR, SOX, PCI, etc. by including an extensive risk and controls library to detect known threats and b...
Our guest on the podcast this week is Jason Bloomberg, President at Intellyx. When we build services we want them to be lightweight, stateless and scalable while doing one thing really well. In today's cloud world, we're revisiting what to takes to make a good service in the first place. Listen in to learn why following "the book" doesn't necessarily mean that you're solving key business problems.
DevOps Summit, taking place at the Santa Clara Convention Center in Santa Clara, CA, and Javits Center in New York City, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait...
Overgrown applications have given way to modular applications, driven by the need to break larger problems into smaller problems. Similarly large monolithic development processes have been forced to be broken into smaller agile development cycles. Looking at trends in software development, microservices architectures meet the same demands. Additional benefits of microservices architectures are compartmentalization and a limited impact of service failure versus a complete software malfunction....
The last decade was about virtual machines, but the next one is about containers. Containers enable a service to run on any host at any time. Traditional tools are starting to show cracks because they were not designed for this level of application portability. Now is the time to look at new ways to deploy and manage applications at scale. In his session at @DevOpsSummit, Brian “Redbeard” Harrington, a principal architect at CoreOS, will examine how CoreOS helps teams run in production. Attende...
For it to be SOA – let alone SOA done right – we need to pin down just what "SOA done wrong" might be. First-generation SOA with Web Services and ESBs, perhaps? But then there's second-generation, REST-based SOA. More lightweight and cloud-friendly, but many REST-based SOA practices predate the microservices wave. Today, microservices and containers go hand in hand – only the details of "container-oriented architecture" are largely on the drawing board – and are not likely to look much like S...
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo in Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading in...
DevOps has often been described in terms of CAMS: Culture, Automation, Measuring, Sharing. While we’ve seen a lot of focus on the “A” and even on the “M”, there are very few examples of why the “C" is equally important in the DevOps equation. In her session at @DevOps Summit, Lori MacVittie, of F5 Networks, will explore HTTP/1 and HTTP/2 along with Microservices to illustrate why a collaborative culture between Dev, Ops, and the Network is critical to ensuring success.
Containers have changed the mind of IT in DevOps. They enable developers to work with dev, test, stage and production environments identically. Containers provide the right abstraction for microservices and many cloud platforms have integrated them into deployment pipelines. DevOps and Containers together help companies to achieve their business goals faster and more effectively.
Docker is hot. However, as Docker container use spreads into more mature production pipelines, there can be issues about control of Docker images to ensure they are production-ready. Is a promotion-based model appropriate to control and track the flow of Docker images from development to production? In his session at DevOps Summit, Fred Simon, Co-founder and Chief Architect of JFrog, will demonstrate how to implement a promotion model for Docker images using a binary repository, and then show h...
Any Ops team trying to support a company in today’s cloud-connected world knows that a new way of thinking is required – one just as dramatic than the shift from Ops to DevOps. The diversity of modern operations requires teams to focus their impact on breadth vs. depth. In his session at DevOps Summit, Adam Serediuk, Director of Operations at xMatters, Inc., will discuss the strategic requirements of evolving from Ops to DevOps, and why modern Operations has begun leveraging the “NoOps” approa...