Skip to content
Simple tool to add a Let's Encrypt SSL certificate to your websites.
C# Batchfile
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.

Files

Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
src
.gitignore
README.md Update the Readme main page Jun 12, 2019

README.md

AzureLetsEncrypt

Simple tool to add a Let's Encrypt SSL certificate to your websites. This application is a .NET Core tool that generates an SSL certificate, validates it with LetsEncrypt and publishes it on an Azure Web App.

The detailled steps to create a SSL certificate and validate it with the Let’s Encrypt Certificate Authority are described in my blog : https://dvoituron.com/2018/01/29/ssl-certification-azure-letsencrypt. This tool automates these steps.

How to use AzureLetsEncrypt ?

Generate a certificate manually

2 minutes of a live demo: https://youtu.be/OCKpC1W4Wks

Use the NuGet .NET Tool: https://www.nuget.org/packages/Dvoituron.Tools.AzureLetsEncrypt The procedure steps are here.

Publish automatically to Azure

  1. Download the last release of AzureLetsEncrypt

  2. Edit the AppSettings.json file with your personnal information:

    {
        "azure": {
            "clientId": "[clientId]",
            "clientSecret": "[clientSecret]",
            "tenantId": "[tenantId]",
            "webAppResourceId": "[ResourceID]",
            "resourceGroup": "[ResourceGroup]"
        },
        "certificate": {
            "domains": [
                "mydomain.com",
                "www.mydomain.com"
            ],
            "password": "MyP@ssword",
        }
    }
    • clientId, clientSecret, tenantId: To get these Ids, open a Cloud shell in Azure portal and run this command

      az ad sp create-for-rbac --sdk-auth
      

      You can also install Azure CLI on your PC, and execute az login and az ad sp create-for-rbac --sdk-auth.

    • resourceId, resourceGroup: in Azure portal, go to App Services > [Web App] > Properties > Resource ID and Resource Group.

    • domains: write all domains to include in the Pfx certificate. Your domains must be accessible (ex. http://mydomain.com must return a web content).

    • password: define a secret password to protect the generated Pfx. Keep in mind this password to install the pfx file later.

  3. Save and include the new AppSettings.json file in the release ZIP package.

  4. Go to Azure portal, navigate to your Web App Service, and select the WebJobs section.

    • Add a new WebJob
    • Define a job name (ex. RenewSsl)
    • Select your local ZIP file name, adapted with your AppSettings.json
    • Define the job type as Triggered
      • Trigger type : Scheduled
      • CRON Expression: 0 0 3 1 * * Each first day of month, at 3AM
    • Save this new Job. You can Run this job for the first time to validate it. Go to the SSL settings section to check you new SSL certificate.
You can’t perform that action at this time.