We welcome user feedback and feature requests!

Add support for free SSL certs like those from Let's Encrypt

Now that the EFF and Mozilla are backing the Let's Encrypt project to provide everyone free SSL certs, it would be great if you would permit free usage of SSL certs on Azure Websites.

709 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
    completed  ·  AdminAzure App Service team (Admin, Microsoft Azure) responded  · 

    Here is some additional info to the WebJob @OhadSchneider posted below.

    This is a WebJob-ready console application for renewing Azure Web App TLS/SSL certificates (based on letsencrypt-siteextension).

    • Install on any Web App (unlike the extension, doesn’t have to be the same web app for which you want to manage SSL certs).
    o Publishing with “Delete Existing files” has no effect when the WebJob is deployed to a different (preferably dedicated) Web App (doing this with the extension would silently delete its renewal webjob – by far its biggest issue IMO)
    o Multiple Web App management is supported (compared to the extension that you’d have to install on each and every Web App you own and manage separately)
    • E-mail notifications are built in (via SendGrid).
    • No external dependencies other than Let’s Encrypt (the extension relies on an Azure Storage account which has to be both alive and configured in a certain way, if not renewal will fail).
    • Can be executed as a plain command-line tool from any environment, e.g. a CI system (the extension can only be executed as a WebJob in the context of a Web App)

    Take a look!
    https://github.com/ohadschn/letsencrypt-webapp-renewer

    Thank you Ohad for the summary and sharing your solution!

    79 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Anonymous commented  ·   ·  Flag as inappropriate

        Yes, re-open and add easy cert install with "Let's Encrypt" certificates like dreamhost offers.

      • Brian Seekford commented  ·   ·  Flag as inappropriate

        This should be reopened. The webjob is a major pain. Just read the 8 pages of steps. Why couldn't this be a built in feature. Tick a box and have Azure do it. The azure team is being majorly lazy or some lawyer somewhere is being a road block.

      • Eric Malamisura commented  ·   ·  Flag as inappropriate

        This is not what we wanted. This still very much relies on the free time of an open source developer to add support. What we wanted was for you to officially support this service and maintain it.

      • Anonymous commented  ·   ·  Flag as inappropriate

        @admin the solution provided requires more than one click to implement, could this be reconsidered please.

      • Andreas Jochum commented  ·   ·  Flag as inappropriate

        Thank you for this solution. I can work with it temporarily. However, I also find that this function must be available directly in the App Services settings. Please reopen the ticket.

      • John commented  ·   ·  Flag as inappropriate

        please dont be lazy people .. reopen the issue and provide official support for it ..

      • Nicholas Pretorius commented  ·   ·  Flag as inappropriate

        The "Completed" status of this topic is debatable - depending on your interpretation of the word "support". Kudos to the Azure team for promoting Ohad and sjkp's work and big thank you to them both for their hard work on this topic! Had the topic title said "Enable usage of free SSL certs like Let's Encrypt" then the topic would be "completed". As it stands, MS does not support these solutions.

        "This site-extension is NOT supported by Microsoft" - sjkp (repeated on Ohad's page)

        https://github.com/ohadschn/letsencrypt-webapp-renewer#limitations--disclaimer

      • Dennis Daume commented  ·   ·  Flag as inappropriate

        Ohad's Webjob is great, but it sadly doesn't support the local cache feature that is crucial to be enabled for highly-available web services.

        It would be great if there would be something built-in and officially supported rather than having the community have to play catch-up with the app service features

      • Anonymous commented  ·   ·  Flag as inappropriate

        The answer by Azure App services's is a bit terrible. We would prefer an integrated solution similar to Azure app services certificates, not a web app that would need maintenance from us. Definitely #PaaS.

      ← Previous 1 3 4

      Feedback and Knowledge Base