Configure Sitecore Commerce 9 on Azure VM

When you setup single-server Sitecore Commerce 9 instance for staging or demo environment you need to take care of additional settings to make it work with custom domain name. Here I will try to cover all of them for XC instance installed on Azure virtual machine, but it should be similar for your on-premise server.

Hostnames in Configuration Files

  • Business Tools app: Set EngineUri, IdentityServerUri and BizFxUri in file SitecoreBizFx\assets\config.json:

  • Identity Server app: Set AppSettings\Clients\RedirectUris (you can also add whole new entry) in file  SitecoreIdentityServer\wwwroot\appsettings.json:

  • For all commerce engine roles set AppSettings\SitecoreIdentityServerUrl and AllowedOrigins  in file {CommerceAuthoring/Ops/Minions/Shops}\wwwroot\config.json:

  • For all commerce engine roles set Policies\$values\Host in {CommerceAuthoring/Ops/Minions/Shops}\wwwroot\data\Environments\PlugIn.Content.PolicySet-1.0.0.json:

Certificates in Configuration Files

  • For all commerce engine roles set thumbprint of your storefront site in Certificates\Certificates\Thumbprint (you can also add whole new entry)  in file {CommerceAuthoring/Ops/Minions/Shops}\wwwroot\config.json:

To get certificate thumbprints, call PowerShell script Get-ChildItem -path cert:\LocalMachine\My and copy value for the certificate used for your sites.

Commerce Tools in Launchpad

In core database change the Link field value in /sitecore/client/Applications/Launchpad/PageSettings/Buttons/Commerce/BusinessTools item:

Storefront host name

In master database change the Host Name field value in /sitecore/content/{Sites}/{Site}/Settings/Site Grouping/{Site} item:

Hostnames in IIS

Configure IIS site bindings, port number and select SSL certificate for:

  • Sitecore (storefront) site:

  • Commerce business tools (BizFx):

  • Identity Server:

  • Commerce authoring service:

Local Firewall Settings

Add inbound rule for ports 4200, 5000, 5050 in local firewall on VM:


Firewall Settings in Azure Portal

Add inbound rules for ports 4200, 5000, 5050 (and also for 80 and 443 if missing) in VM Networking settings in Azure Portal:

  • Jimmy

    I also had to update the Sitecore.commerce.Engine.Connect.config in the sitecore rootapp_configincludey.commerce.engine folder path. There is a CertificateThumbprint that needs updated with the new thumbprint as well. I saw in my commerce logs it was still referencing the old thumbprint. Once I changed it here, everything worked.

    • whuu

      @disqus_awjnVma9oE:disqus thanks for your feedback!

  • serdar karahisarli


    this was a blog that I was looking for. I guess I did the steps correctly but I am not sure what you mean with the “Certificates in Configuration Files”. Which certificate’s thumbprint should be updated in that config? Is it the new certificate that you get for the domain ? because the default installation puts the xxx.engineconnect certificate’s into that thumbprint.

    • whuu


      You should put there certificate which you used for your storefront domain and BixFx app (if it uses different certificate). Finally in this file you should have thumbprints for all certificates of domains which you have in “AllowedOrigins” entry in same config file.

      • serdar karahisarli

        thanks for the reply, I forgot to say that 🙂