We welcome user feedback and feature requests!

Add support for free SSL certs like those from Let's Encrypt

Now that the EFF and Mozilla are backing the Let's Encrypt project to provide everyone free SSL certs, it would be great if you would permit free usage of SSL certs on Azure Websites.

709 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    Here is some additional info to the WebJob @OhadSchneider posted below.

    This is a WebJob-ready console application for renewing Azure Web App TLS/SSL certificates (based on letsencrypt-siteextension).

    • Install on any Web App (unlike the extension, doesn’t have to be the same web app for which you want to manage SSL certs).
    o Publishing with “Delete Existing files” has no effect when the WebJob is deployed to a different (preferably dedicated) Web App (doing this with the extension would silently delete its renewal webjob – by far its biggest issue IMO)
    o Multiple Web App management is supported (compared to the extension that you’d have to install on each and every Web App you own and manage separately)
    • E-mail notifications are built in (via SendGrid).
    • No external dependencies other than Let’s Encrypt (the extension relies on an Azure Storage account which has to be both alive and configured in a certain way, if not renewal will fail).
    • Can be executed as a plain command-line tool from any environment, e.g. a CI system (the extension can only be executed as a WebJob in the context of a Web App)

    Take a look!
    https://github.com/ohadschn/letsencrypt-webapp-renewer

    Thank you Ohad for the summary and sharing your solution!

    77 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Anonymous commented  ·   ·  Flag as inappropriate

        It seems like Amazon just did much better (AWS Certificate Manager), adding pervasive support from provisioning and managing of certificates, to automatic incorporation in load-balancer and CloudFront.

        In a somewhat striking contrast, Microsoft is satisfied with declaring the need "community solved"... :(

      • Anonymous commented  ·   ·  Flag as inappropriate

        Great, now please connect with your fellow Azure colleagues, and see what can be done to add pervasive Letsencrypt support across the Azure ecosystem (for VM endpoints, CDN, blob storage, etc.

      • Gonkers commented  ·   ·  Flag as inappropriate

        As a developer I would be very interested in this. Please make it happen. Thanks!

      • Mitch R commented  ·   ·  Flag as inappropriate

        Bump!

        It's now 2016...

        I think MS should start investing a little time in this because it's going to be a big part of the web going forward.

      • Hrncek commented  ·   ·  Flag as inappropriate

        That would be indeed great if there is toolset for automatic certificate renewal also for Azure websites not just Apache.
        Thanks

      • Anonymous commented  ·   ·  Flag as inappropriate

        The request message was malformed :: Error creating new authz :: Name is blacklisted :\ while using letsencrypt on my vm

      • Geoffrey Huntley commented  ·   ·  Flag as inappropriate

        It would be pretty amazing to see Azure + Let's Encrypted integrated and Azure completely handle/manage the agent/renewal process.

      • Kristofer Olafsson commented  ·   ·  Flag as inappropriate

        I also think this would be an Awesome feature. Even if MS rolled something out just like it for Azure sites. You know who I am and all my billing info so why not roll that into a free cert for things running in azure.

      • Mike commented  ·   ·  Flag as inappropriate

        Azure Web (and IIS) needs full ACME integration. There should be no need to install or renew certs manually, it should all be automatic.

      • Anonymous commented  ·   ·  Flag as inappropriate

        Let's Encrypt support in Azure should become as easy as ticking a single checkbox. Once set, it should request, install and auto-renew as necessary.

      • ch commented  ·   ·  Flag as inappropriate

        Yes making letsencrypt easy to add to an azure website would be great. I do not have a secured website because it seems like to much of a hassle messing with certs. If you guys could make letsencrypt on azure as easy as a setting to encrypt a site in azure that would be awesome.

      • Philip Coupar commented  ·   ·  Flag as inappropriate

        I am happy to split these ideas up but I have recently had to renew a number of certificates on Azure for websites and cloud services.

        There needs to be an easy way to see all certificates in a subscription and potentially an alert capability for expiring certificates.

        A simple tool to create and apply domain verified certificates and renewals (or automated renewal similar to what has been proposed by Let's Encrypt.

        A deeper integration with a provider like godaddy to provide paid for enhanced verification certificates but with the same simple creation and renewal capability.

        Azure based tools for pfx creation and/or a secure store for private keys that can help automate the certificate process.

      • Philip Coupar commented  ·   ·  Flag as inappropriate

        Support for Let's Encrypt would make it easy for everyone to use SSL on their websites, even if this still required standard.

        It would be even better if Azure had it's own CA and was able to distribute and install SSL certificates for custom domains and automate the renewal process (with possible premuim offers for OV or EV certificates)

      1 2 4 Next →

      Feedback and Knowledge Base