Updated Azure (markdown)

Azure.md

@@ -36,6 +36,35 @@ At Admin Panel / Settings / Email:
 - Password: `MAILJET-PASSWORD`
 - TLS Support: `[_]` (not checked)
 
+If you use Caddy Let's Encrypt SSL for public server, that requires SSL cert validation from multiple not-listed IP addresses of Let's Encrypt, file `/var/snap/wekan/common/Caddyfile`
+
+```
+boards.example.com.com {
+  tls {
+      alpn http/1.1
+  }
+  proxy / localhost:3001 {
+    websocket
+    transparent
+  }
+}
+```
+If you have private server that should be only accessible from private IP (limited by Azure firewall settings), and need SSL, you can not use Let's Encrypt free SSL that validates public availability from multiple non-disclosed IP addresses. For this purpose, you can get SSL certificate. Here is example of SSL cert from with SSL.com .
+
+Join certificates together to .pem file, in order of:
+1) privatekey of example.com
+2) wildcard or one subdomain cert of example.com
+3) sub ca
+4) root ca
+5) trusted network ca
+```
+cat example_com.key >> example.com.pem
+cat STAR_example_com.crt >> example.com.pem 
+cat SSL_COM_RSA_SSL_SUBCA.crt >> example.com.pem 
+cat SSL_COM_ROOT_CERTIFICATION_AUTHORITY_RSA.crt >> example.com.pem 
+cat CERTUM_TRUSTED_NETWORK_CA.crt >> example.com.pem 
+```
+
 ### There are two major steps for configuring Wekan to authenticate to Azure AD via OpenID Connect (OIDC)
 
 1. Register the application with Azure. Make sure you capture the application ID as well as generate a secret key.