Add support for free SSL certs like those from Let's Encrypt
Now that the EFF and Mozilla are backing the Let's Encrypt project to provide everyone free SSL certs, it would be great if you would permit free usage of SSL certs on Azure Websites.
Here is some additional info to the WebJob @OhadSchneider posted below.
This is a WebJob-ready console application for renewing Azure Web App TLS/SSL certificates (based on letsencrypt-siteextension).
• Install on any Web App (unlike the extension, doesn’t have to be the same web app for which you want to manage SSL certs).
o Publishing with “Delete Existing files” has no effect when the WebJob is deployed to a different (preferably dedicated) Web App (doing this with the extension would silently delete its renewal webjob – by far its biggest issue IMO)
o Multiple Web App management is supported (compared to the extension that you’d have to install on each and every Web App you own and manage separately)
• E-mail notifications are built in (via SendGrid).
• No external dependencies other than Let’s Encrypt (the extension relies on an Azure Storage account which has to be both alive and configured in a certain way, if not renewal will fail).
• Can be executed as a plain command-line tool from any environment, e.g. a CI system (the extension can only be executed as a WebJob in the context of a Web App)
Thank you Ohad for the summary and sharing your solution!
Microsoft, you're taking a cheap and easy way out of this request for Let's Encrypte support. A third party app that's not integrated into the Azure Portal is hardly the solution people are looking for and requesting. With other providers like KeyCDN (at less than 1/2 the cost of Azure CDN) users get fully integrated Let's Encrypt SSL, ability to hand CDN with HTTPS over a custom domain, and various other features Azure lacks. You're a multi-billion dollar company. Please pull your thumb out and delivery these crucial CDN features.
Please provide official support for Let's Encrypt!
Harald Mühlhoff commented
this is beta-software and not recommended for production environments by the author ... we need better support by you!
What about people with VMs? This cannot be tight to site extensions ...
Tomasz Jagusz commented
Please reopen this. As many before said this should be build in into Azure portal. Many hosting providers (OVH for example) allows using LetsEncrypt using two clicks. It's awesome there is an extension that help with it, but this must be build-in feature.
Agreed - this should be reopened - it should be a simple dashboard option.
Reopen please. DreamHost has built-in support for this and so should Azure. 709 votes... come on. https://www.dreamhost.com/hosting/ssl-tls-certificates/
Site extension took a lot of setup but works great!
That's a bit of a cop out guys.
You should give this proper consideration.
Andrew R commented
Please re-open. SSL should be automatically available for any custom domain added to an Azure web app.
Community workaround is good, but it is cumbersome and difficult to setup.
Simon Michelizza commented
Please, re-open it and address this. Community solved won't do it for everyone. Thank you!
Ryan Bennett commented
This is a step that should not take longer than a few clicks. The community extension is decent but still way too many manual steps. This is too important to ignore and should be beyond easy to setup.
Yavor Stoychev commented
This should *not* be closed. It's a pain ********** to set up. There should be an option to use letsencrypt in the azure portal when configuring an application gateway.
Why is this closed, its still too painful to setup.
Anders Tornblad commented
Please reopen this! It's 2017. Everything should be HTTPS. The solution should be incorporated nicely with the rest of the easy-to-use Azure features.
This is not completed, security is not a luxusry in 2017. It should be done with the press of a button, built-in in the dashboard.
Please re-open this? It should simply be a checkbox in the portal!
Please re-open this?
This is not completed.
The community solution is still too complicated.
This needs to be reopened and integrated into Azure (as everyone else is saying)