The Service Management API provides programmatic access to much of the functionality available through the Management Portal. Using the Service Management API, you can manage your storage accounts and hosted services, your service deployments, and your affinity
The Service Management API is a REST API. All API operations are performed over SSL and mutually authenticated using X.509 v3 certificates. The management service may be accessed from within a service running in Windows Azure, or directly over the Internet
from any application that can send an HTTPS request and receive an HTTPS response. For more background and in-depth information about the management API's, refer to the
The Windows Azure SDK for PHP provides a wrapper for the REST API calls, providing native PHP access to all the functionality exposed by this service.
The Service Management API requires mutual authentication of certificates over SSL to ensure that a request made to the management service is secure.
To make a request against the Service Management API, you must first associate a certificate with your subscription, then send the certificate's private key with the request.
Generating a management certificate
Any X.509 v3 certificate can be used for authentication against the Service Management API. You can use a self-signed certificate or one signed by a certificate authority. The length of the certificate's key must be at least 2048 bits. Windows Azure will
reject any certificate that does not meet this requirement.
A pair of PFX and CER (private and public) certificates should be generated. Also, a PEM certificate will be required for connecting to the management API from PHP. Generating the required certificates can be done as follows:
- Download OpenSSL from
- Start a command prompt and navigate to the folder where OpenSSL.exe is installed
- Issue the following statement to generate a PEM certificate. This certificate will be the base certificate used by PHP to connect to the management service API.
openssl req -x509 -nodes -days 9999 -newkey rsa:2048 -keyout mycert.pem -out mycert.pem
- Issue the following command to convert the PEM certificate to a PFX certificate.
openssl pkcs12 -export -out mycert.pfx -in mycert.pem -name "My Certificate"
- Issue the following command to convert the PEM cetificate to a CER certificate.
openssl x509 -in mycert.pem -inform PEM -out mycert.cer -outform DER
The folder where OpenSSL.exe is installed will now contain 3 files: mycert.pem, mycert.pfx and mycert.cer. These files can be used for connecting to the management API from PHP.
Preparing your subscription to use the Management API
In order for the Windows Azure SDK to be able to connect to the Windows Azure Service Management API, a certificate file should be uploaded to the Windows Azure management portal. This can be done through
Under Hosted Services, Storage Accounts & CDN, upload the CER file created previously.
Creating a hosted service programmatically
Creating a deployment programmatically
Other supported actions