Add support for free tls/ssl certificates
I want to create a tls/ssl binding to a custom host-name with a free certificate
We are looking at options to enable this.
One of the worst decision by Microsoft I ever saw. Let's Encrypt is a free service able to push up the security level of the whole Internet and Microsoft don't understand the value and importance of being part of it.
Dear Microsoft, take a look at the sponsors page https://letsencrypt.org/sponsors/ and you'll understand that you're making the wrong decision.
325 votes in less than 12 hours. How many times are we going to have to tell you to fix this MS?
Terrible decision Microsoft. You make enough money, stop trying to push your certs and give us this feature. How is this even going to work on Key Vault? I'll be quite happy if it does, but I don't see this happening.
Seems as if this was closed without understanding both the necessity, and the reasons why it would be incredibly difficult to implement it on Key Vault, since you need access directly to the web server or the traffic router that sits in front of it.
1700+ votes – poof.
I see a problem with this system…
Rob de Voer commented
Very disappointed that the big amount of support for this request is gone now that it has been transferred. Micosoft Moderator, Please correct this by bumping it up please.
Christian Weiss commented
Is it even possible to integrate Let's Encrypt with Key Vault, if it doesn't have access to the DNS or the Webserver? How will the validation take place?
With Let's Encrypt integrated into App Service AND Application Gateway (see related issue https://feedback.azure.com/forums/217313-networking/suggestions/15728205-let-s-encrypt-integration-for-https-certificates ) you would have the "epic" opportunity to make almost every public endpoint of Azure secure by default - this would be a huuuge selling point for Azure.
It feels like you're clearly missing out on a great opportunity here. :-(
Brendan Green commented
Bit disappointed that the over 1,700 votes from the original item haven't carrier over to this one.
Nicolas Cadilhac commented
This kind of decision makes me seriously think about 1. moving my sites out of azure, 2. creating new sites out of azure.
Mike Cousins commented
They're obviously just trying to push their own super expensive SSL certs....
Horrible decision Microsoft. This would be so much better if it was built into App Service instead of Key Vault.
This got closed twice now with both time a huge amount of votes.
We need to vote again on a third User Voice to have this feature considered?
Chris Compy commented
Let's Encrypt offers low cost certificate authority services. They would be a great resource to integrate with for use in Azure Web Apps among other Azure services.
This is not completed.
The community solution is still too complicated.
This is becoming more important all the time. I am reluctant to move a lot of sites over to Azure because of the lack of support for Let's Encrypt.
This needs to be reopened and integrated into Azure (as everyone else is saying)
I would give all ten of my votes for this if I could. My whole team would pool all of our votes and put them toward this if we could.
Mark Allan commented
NB for clarity - the "ideal solution" referred to is the request for a button in the Azure Portal, not all the manual fiddling around that takes up the rest of the post ;)
The other question would have to be why free SSL certs like Let's Encrypt would only be made available to the more costly Basic plans and higher instead of offering for Shared pricing tiers. But that's probably a separate request.
Elias Probst commented
Take a look at Caddy (https://caddyserver.com) as a perfect example how absolutely painless ACME/TLS support can be done…
Also make sure to implement generic ACME support, not only ACME tied to Let'sEncrypt.
Nick Randell commented
I followed Troy's post, it worked, seemed to be quite a few steps to do, but only took 10 minutes which for a first time through is good. Making it easy to use will be really important.
How about an azure version of lets encrypt so that it is built into to azure automatically. Maybe through in HTTP/2 at the same time - ie roll on Server 2016!
The steps don't look solid. It took me 1 hour, was successful, but I do not trust it (not sure the job will renew...). The number of votes in 2 weeks is+467 votes. I think it's clear that this would be a very favorable solution. Please, do not close it as Community Solution. Lot of people are coming to the cloud to have a part of the setup handled as a service. This would be a great feature and something that everyone doing web will embrace to use.