Add support for free SSL certs like those from Let's Encrypt
Now that the EFF and Mozilla are backing the Let's Encrypt project to provide everyone free SSL certs, it would be great if you would permit free usage of SSL certs on Azure Websites.
Here is some additional info to the WebJob @OhadSchneider posted below.
This is a WebJob-ready console application for renewing Azure Web App TLS/SSL certificates (based on letsencrypt-siteextension).
• Install on any Web App (unlike the extension, doesn’t have to be the same web app for which you want to manage SSL certs).
o Publishing with “Delete Existing files” has no effect when the WebJob is deployed to a different (preferably dedicated) Web App (doing this with the extension would silently delete its renewal webjob – by far its biggest issue IMO)
o Multiple Web App management is supported (compared to the extension that you’d have to install on each and every Web App you own and manage separately)
• E-mail notifications are built in (via SendGrid).
• No external dependencies other than Let’s Encrypt (the extension relies on an Azure Storage account which has to be both alive and configured in a certain way, if not renewal will fail).
• Can be executed as a plain command-line tool from any environment, e.g. a CI system (the extension can only be executed as a WebJob in the context of a Web App)
Thank you Ohad for the summary and sharing your solution!
Fernando Silva commented
Wow, terrible solution, as expected of the Azure App Team
This task really shouldn't have been closed - this looks like a cheap way out of the problem. We can buy SSL certificates at the press of a button - please don't make this harder for us just because it's bad for the money making scheme that the certificate business is.
Christian Weiss commented
Google shows how to do this - kudos to them. I wish Microsoft would take this topic as serious as them.
Crispin Horsfield commented
Although apparently better than its predecessor - for which thanks - it's still not the integrated solution I reckon most of us would like.
Lajos Marton commented
From one side this is a possible solution. From other side this is a big shame for Azure App Service Team.
Ohad Schneider commented
Brian Seekford commented
This shouldn't be closed. The setup of the so called "fix" is a pain. Build something into Azure to make it easy. Why can't this simply be an option for the cert? Make this a built in feature, not a hack addon.
Microsoft, you're taking a cheap and easy way out of this request for Let's Encrypte support. A third party app that's not integrated into the Azure Portal is hardly the solution people are looking for and requesting. With other providers like KeyCDN (at less than 1/2 the cost of Azure CDN) users get fully integrated Let's Encrypt SSL, ability to hand CDN with HTTPS over a custom domain, and various other features Azure lacks. You're a multi-billion dollar company. Please pull your thumb out and delivery these crucial CDN features.
Please provide official support for Let's Encrypt!
Harald Mühlhoff commented
this is beta-software and not recommended for production environments by the author ... we need better support by you!
What about people with VMs? This cannot be tight to site extensions ...
Tomasz Jagusz commented
Please reopen this. As many before said this should be build in into Azure portal. Many hosting providers (OVH for example) allows using LetsEncrypt using two clicks. It's awesome there is an extension that help with it, but this must be build-in feature.
Agreed - this should be reopened - it should be a simple dashboard option.
Reopen please. DreamHost has built-in support for this and so should Azure. 709 votes... come on. https://www.dreamhost.com/hosting/ssl-tls-certificates/
Site extension took a lot of setup but works great!
That's a bit of a cop out guys.
You should give this proper consideration.
Andrew R commented
Please re-open. SSL should be automatically available for any custom domain added to an Azure web app.
Community workaround is good, but it is cumbersome and difficult to setup.
Simon Michelizza commented
Please, re-open it and address this. Community solved won't do it for everyone. Thank you!
Ryan Bennett commented
This is a step that should not take longer than a few clicks. The community extension is decent but still way too many manual steps. This is too important to ignore and should be beyond easy to setup.
Yavor Stoychev commented
This should *not* be closed. It's a pain ********** to set up. There should be an option to use letsencrypt in the azure portal when configuring an application gateway.