Add support for free SSL certs like those from Let's Encrypt
Now that the EFF and Mozilla are backing the Let's Encrypt project to provide everyone free SSL certs, it would be great if you would permit free usage of SSL certs on Azure Websites.
Anonymous
shared this idea
Here is some additional info to the WebJob @OhadSchneider posted below.
This is a WebJob-ready console application for renewing Azure Web App TLS/SSL certificates (based on letsencrypt-siteextension).
• Install on any Web App (unlike the extension, doesn’t have to be the same web app for which you want to manage SSL certs).
o Publishing with “Delete Existing files” has no effect when the WebJob is deployed to a different (preferably dedicated) Web App (doing this with the extension would silently delete its renewal webjob – by far its biggest issue IMO)
o Multiple Web App management is supported (compared to the extension that you’d have to install on each and every Web App you own and manage separately)
• E-mail notifications are built in (via SendGrid).
• No external dependencies other than Let’s Encrypt (the extension relies on an Azure Storage account which has to be both alive and configured in a certain way, if not renewal will fail).
• Can be executed as a plain command-line tool from any environment, e.g. a CI system (the extension can only be executed as a WebJob in the context of a Web App)
Take a look!
https://github.com/ohadschn/letsencrypt-webapp-renewer
Thank you Ohad for the summary and sharing your solution!
59 comments
-
Christian Weiss
commented
http://cloudplatform.googleblog.com/2017/09/introducing-managed-SSL-for-Google-App-Engine.html
Google shows how to do this - kudos to them. I wish Microsoft would take this topic as serious as them.
-
Crispin Horsfield
commented
Although apparently better than its predecessor - for which thanks - it's still not the integrated solution I reckon most of us would like.
-
Lajos Marton
commented
From one side this is a possible solution. From other side this is a big shame for Azure App Service Team.
-
Ohad Schneider
commented
-
Brian Seekford
commented
This shouldn't be closed. The setup of the so called "fix" is a pain. Build something into Azure to make it easy. Why can't this simply be an option for the cert? Make this a built in feature, not a hack addon.
-
Jonathan
commented
Microsoft, you're taking a cheap and easy way out of this request for Let's Encrypte support. A third party app that's not integrated into the Azure Portal is hardly the solution people are looking for and requesting. With other providers like KeyCDN (at less than 1/2 the cost of Azure CDN) users get fully integrated Let's Encrypt SSL, ability to hand CDN with HTTPS over a custom domain, and various other features Azure lacks. You're a multi-billion dollar company. Please pull your thumb out and delivery these crucial CDN features.
-
kapsiR
commented
Please provide official support for Let's Encrypt!
https://feedback.azure.com/forums/170024-additional-services/suggestions/16957756-add-integration-with-let-s-encrypt -
Harald Mühlhoff
commented
Dear MS,
this is beta-software and not recommended for production environments by the author ... we need better support by you!
Best regards,
Harald Mühlhoffhttps://github.com/sjkp/letsencrypt-siteextension/blob/master/README.md#known-issues
-
Anonymous
commented
What about people with VMs? This cannot be tight to site extensions ...
-
Tomasz Jagusz
commented
Please reopen this. As many before said this should be build in into Azure portal. Many hosting providers (OVH for example) allows using LetsEncrypt using two clicks. It's awesome there is an extension that help with it, but this must be build-in feature.
-
Anonymous
commented
Agreed - this should be reopened - it should be a simple dashboard option.
-
Joe
commented
Reopen please. DreamHost has built-in support for this and so should Azure. 709 votes... come on. https://www.dreamhost.com/hosting/ssl-tls-certificates/
-
Ian
commented
Site extension took a lot of setup but works great!
-
Steven
commented
That's a bit of a cop out guys.
You should give this proper consideration. -
Andrew R
commented
Please re-open. SSL should be automatically available for any custom domain added to an Azure web app.
Community workaround is good, but it is cumbersome and difficult to setup.
-
Simon Michelizza
commented
Please, re-open it and address this. Community solved won't do it for everyone. Thank you!
-
Ryan Bennett commented
This is a step that should not take longer than a few clicks. The community extension is decent but still way too many manual steps. This is too important to ignore and should be beyond easy to setup.
-
Yavor Stoychev commented
This should *not* be closed. It's a pain ********** to set up. There should be an option to use letsencrypt in the azure portal when configuring an application gateway.
-
Anonymous
commented
Why is this closed, its still too painful to setup.
-
Anders Tornblad
commented
Please reopen this! It's 2017. Everything should be HTTPS. The solution should be incorporated nicely with the rest of the easy-to-use Azure features.
