This post walkthrough “how to add an https endpoint to a Windows Azure Cloud Service”. First are the cert requirements: 
The certificate must contain a private key that is marked exportable; The certificate must have the Server Authentication Intended Purpose — When running on the Development Fabric, the certificate also needs to be self-signed – this is to prevent any security issues around leaking the private key of a real certificate. 1) open the ServiceDefinition.csdef file in the CloudService project in Visual Studio and add a second InputEndpoint to the WebRole[…]

Full Article