Implementing an SSL certificate
HTTP web traffic sent between the server and browser is sent unencrypted in the clear text, which is a security risk since a third party can potentially hijack the traffic and read the data, which may contain sensitive information such as names, addresses, and bank details.
When we implement a Secure Socket Layer (SSL) certificate and use an HTTP Secure (HTTPS) endpoint, the traffic is encrypted, making it difficult to steal by a third party (although not impossible—look up the man-in-the-middle attack and brute force attack; the former is associated with hackers and the latter with government agencies that have super computers!).
Using HTTPS has a performance impact as every connection made has an initial handshake between the browser and server to set up the encryption (using an SSL certificate) before data is sent, so it's important to decide where to use it.
Azure websites have SSL endpoints by default, provided by the .azurewebsites.net
wildcard SSL certificate...