Add support for free SSL certs like those from Let's Encrypt
Now that the EFF and Mozilla are backing the Let's Encrypt project to provide everyone free SSL certs, it would be great if you would permit free usage of SSL certs on Azure Websites.
Here is some additional info to the WebJob @OhadSchneider posted below.
This is a WebJob-ready console application for renewing Azure Web App TLS/SSL certificates (based on letsencrypt-siteextension).
• Install on any Web App (unlike the extension, doesn’t have to be the same web app for which you want to manage SSL certs).
o Publishing with “Delete Existing files” has no effect when the WebJob is deployed to a different (preferably dedicated) Web App (doing this with the extension would silently delete its renewal webjob – by far its biggest issue IMO)
o Multiple Web App management is supported (compared to the extension that you’d have to install on each and every Web App you own and manage separately)
• E-mail notifications are built in (via SendGrid).
• No external dependencies other than Let’s Encrypt (the extension relies on an Azure Storage account which has to be both alive and configured in a certain way, if not renewal will fail).
• Can be executed as a plain command-line tool from any environment, e.g. a CI system (the extension can only be executed as a WebJob in the context of a Web App)
Thank you Ohad for the summary and sharing your solution!
Please, this cannot be the "official" solution for a serious PaaS contender...
Yes, re-open and add easy cert install with "Let's Encrypt" certificates like dreamhost offers.
Krzysztof Madejski commented
Please reopen, it should be handled officially with more straightforward way to setup.
Karsten Küpper commented
The proposed solution does not support Multi-region websites. Please re-open and implement it properly.
Tim Skauge commented
Please re-open to add official support for this!
Ally Murray commented
Agree with other commenters, please reopen.
Brian Seekford commented
This should be reopened. The webjob is a major pain. Just read the 8 pages of steps. Why couldn't this be a built in feature. Tick a box and have Azure do it. The azure team is being majorly lazy or some lawyer somewhere is being a road block.
Eric Malamisura commented
This is not what we wanted. This still very much relies on the free time of an open source developer to add support. What we wanted was for you to officially support this service and maintain it.
@admin the solution provided requires more than one click to implement, could this be reconsidered please.
Tatsuro Shibamura commented
Russ Painter commented
Not completed. This is just a hacky work around, not a supported feature like it should be.
Please reopen this ticket.
Andreas Jochum commented
Thank you for this solution. I can work with it temporarily. However, I also find that this function must be available directly in the App Services settings. Please reopen the ticket.
Michel Zehnder commented
Please provide official support for this, else it's not a real solution for production environments.
please dont be lazy people .. reopen the issue and provide official support for it ..
Nicholas Pretorius commented
The "Completed" status of this topic is debatable - depending on your interpretation of the word "support". Kudos to the Azure team for promoting Ohad and sjkp's work and big thank you to them both for their hard work on this topic! Had the topic title said "Enable usage of free SSL certs like Let's Encrypt" then the topic would be "completed". As it stands, MS does not support these solutions.
"This site-extension is NOT supported by Microsoft" - sjkp (repeated on Ohad's page)
Philippe Matray commented
REOPEN THIS ISSUE !!!
Dennis Daume commented
Ohad's Webjob is great, but it sadly doesn't support the local cache feature that is crucial to be enabled for highly-available web services.
It would be great if there would be something built-in and officially supported rather than having the community have to play catch-up with the app service features
The answer by Azure App services's is a bit terrible. We would prefer an integrated solution similar to Azure app services certificates, not a web app that would need maintenance from us. Definitely #PaaS.
Fernando Silva commented
Wow, terrible solution, as expected of the Azure App Team