Add support for free SSL certs like those from Let's Encrypt
Now that the EFF and Mozilla are backing the Let's Encrypt project to provide everyone free SSL certs, it would be great if you would permit free usage of SSL certs on Azure Websites.
Anonymous
shared this idea
Here is some additional info to the WebJob @OhadSchneider posted below.
This is a WebJob-ready console application for renewing Azure Web App TLS/SSL certificates (based on letsencrypt-siteextension).
• Install on any Web App (unlike the extension, doesn’t have to be the same web app for which you want to manage SSL certs).
o Publishing with “Delete Existing files” has no effect when the WebJob is deployed to a different (preferably dedicated) Web App (doing this with the extension would silently delete its renewal webjob – by far its biggest issue IMO)
o Multiple Web App management is supported (compared to the extension that you’d have to install on each and every Web App you own and manage separately)
• E-mail notifications are built in (via SendGrid).
• No external dependencies other than Let’s Encrypt (the extension relies on an Azure Storage account which has to be both alive and configured in a certain way, if not renewal will fail).
• Can be executed as a plain command-line tool from any environment, e.g. a CI system (the extension can only be executed as a WebJob in the context of a Web App)
Take a look!
https://github.com/ohadschn/letsencrypt-webapp-renewer
Thank you Ohad for the summary and sharing your solution!
63 comments
-
Dennis Daume
commented
Ohad's Webjob is great, but it sadly doesn't support the local cache feature that is crucial to be enabled for highly-available web services.
It would be great if there would be something built-in and officially supported rather than having the community have to play catch-up with the app service features
-
Anonymous
commented
The answer by Azure App services's is a bit terrible. We would prefer an integrated solution similar to Azure app services certificates, not a web app that would need maintenance from us. Definitely #PaaS.
-
Fernando Silva commented
Wow, terrible solution, as expected of the Azure App Team
-
Peter
commented
This task really shouldn't have been closed - this looks like a cheap way out of the problem. We can buy SSL certificates at the press of a button - please don't make this harder for us just because it's bad for the money making scheme that the certificate business is.
-
Christian Weiss
commented
http://cloudplatform.googleblog.com/2017/09/introducing-managed-SSL-for-Google-App-Engine.html
Google shows how to do this - kudos to them. I wish Microsoft would take this topic as serious as them.
-
Crispin Horsfield
commented
Although apparently better than its predecessor - for which thanks - it's still not the integrated solution I reckon most of us would like.
-
Lajos Marton
commented
From one side this is a possible solution. From other side this is a big shame for Azure App Service Team.
-
Ohad Schneider
commented
-
Brian Seekford
commented
This shouldn't be closed. The setup of the so called "fix" is a pain. Build something into Azure to make it easy. Why can't this simply be an option for the cert? Make this a built in feature, not a hack addon.
-
Jonathan
commented
Microsoft, you're taking a cheap and easy way out of this request for Let's Encrypte support. A third party app that's not integrated into the Azure Portal is hardly the solution people are looking for and requesting. With other providers like KeyCDN (at less than 1/2 the cost of Azure CDN) users get fully integrated Let's Encrypt SSL, ability to hand CDN with HTTPS over a custom domain, and various other features Azure lacks. You're a multi-billion dollar company. Please pull your thumb out and delivery these crucial CDN features.
-
kapsiR
commented
Please provide official support for Let's Encrypt!
https://feedback.azure.com/forums/170024-additional-services/suggestions/16957756-add-integration-with-let-s-encrypt -
Harald Mühlhoff
commented
Dear MS,
this is beta-software and not recommended for production environments by the author ... we need better support by you!
Best regards,
Harald Mühlhoffhttps://github.com/sjkp/letsencrypt-siteextension/blob/master/README.md#known-issues
-
Anonymous
commented
What about people with VMs? This cannot be tight to site extensions ...
-
Tomasz Jagusz
commented
Please reopen this. As many before said this should be build in into Azure portal. Many hosting providers (OVH for example) allows using LetsEncrypt using two clicks. It's awesome there is an extension that help with it, but this must be build-in feature.
-
Anonymous
commented
Agreed - this should be reopened - it should be a simple dashboard option.
-
Joe
commented
Reopen please. DreamHost has built-in support for this and so should Azure. 709 votes... come on. https://www.dreamhost.com/hosting/ssl-tls-certificates/
-
Ian
commented
Site extension took a lot of setup but works great!
-
Steven
commented
That's a bit of a cop out guys.
You should give this proper consideration. -
Andrew R
commented
Please re-open. SSL should be automatically available for any custom domain added to an Azure web app.
Community workaround is good, but it is cumbersome and difficult to setup.
-
Simon Michelizza
commented
Please, re-open it and address this. Community solved won't do it for everyone. Thank you!