I created an Azure App Service, and it is accessible at http://foo.azurewebsites.net and https://foo.azurewebsites.net. I only use the HTTPS one, but haven't disabled the other (yet).
I then configure Traffic Manager, and add this as the sole endpoint (for now).
I execute my API via http://foo.trafficmanager.net and it works. But if I try and query against https://foo.trafficmanager.net, then I get an SSL error:
So, do I need a separate SSL certificate for use with TrafficManager? I'm using the default one that came with foo.azurewebsites.net, and that works fine out of the box.
Well, you don't get a TLS certificate for Traffic Manager. You would have to have a cert for it in the Web Apps themselves, and that's not really up to you.
Web Apps provide you with a cert for the *.azurewebsites.net domain, but with Traffic Manager you need to use a custom domain name + a TLS certificate for it installed in each Web App behind Traffic Manager.
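The mismatch described in the answer above, as an added example that is not part of the original thread: Traffic Manager only redirects at the DNS level, so the client still validates the Web App's certificate against the name it asked for. The SAN lists are constructed, `api.example.com` is a hypothetical custom domain, and the matcher is a simplified RFC 6125 check rather than a full TLS library implementation.

```python
# Simplified RFC 6125 hostname check, run over the names from this thread.
# Constructed data: the SAN lists and api.example.com are placeholders.

def san_matches(pattern: str, hostname: str) -> bool:
    """True if one certificate SAN entry covers the hostname."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h) or not all(h):
        return False
    if p[0] == "*":
        # A wildcard covers exactly one left-most label and must
        # leave at least two fixed labels to its right.
        return len(p) >= 3 and "*" not in "".join(p[1:]) and p[1:] == h[1:]
    # Partial wildcards such as "f*o.example.com" are rejected.
    return "*" not in pattern and p == h


def cert_covers(sans, hostname):
    """True if any SAN on the presented certificate covers the hostname."""
    return any(san_matches(s, hostname) for s in sans)


def audit(client_hostnames, presented_sans):
    """Map each name a client might type to whether validation would pass."""
    return {name: cert_covers(presented_sans, name) for name in client_hostnames}


# Certificate the Web App presents by default (per the answer above).
DEFAULT_CERT = ["*.azurewebsites.net"]
# Certificate for a custom domain bound on every Web App behind Traffic Manager.
CUSTOM_CERT = ["api.example.com"]  # hypothetical

NAMES = ["foo.azurewebsites.net", "foo.trafficmanager.net", "api.example.com"]

if __name__ == "__main__":
    for label, sans in (("default", DEFAULT_CERT), ("custom", CUSTOM_CERT)):
        for name, ok in audit(NAMES, sans).items():
            print(f"{label:8} cert {sans} -> {name}: {'valid' if ok else 'MISMATCH'}")
```

To see which names a live endpoint's certificate actually covers, `openssl s_client -connect host:443 -servername host` piped into `openssl x509 -noout -text` prints its Subject Alternative Name list.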