Azure Web App with Let's Encrypt Cert
Clone or download
Latest commit 05beb48 Feb 3, 2018
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.gitignore Working version Jan 16, 2018
CreateLetsEncryptWebApp.ps1 Bug fix Jan 18, 2018
README.md Update README.md Feb 3, 2018
WebAppFiles.ps1 Working version Jan 16, 2018
web.config Initial Commit Jan 14, 2018

README.md

Azure Web App with Let's Encrypt Certificate

This repository contains example code for creating an Azure Web App with a Let's Encrypt SSL Certificate. It uses the ACMESharp Powershell module. This certificate is valid for 90 days.

Requirements:

Installation instructions

  1. Install the Azure Resource Manager modules from the PowerShell Gallery
Install-Module AzureRM -AllowClobber
  1. Install the ACMESharp Module:
Install-Module ACMESharp -AllowClobber

All the code needed to set up a Web App, generate the certificate, and bind the certificate is contained in the CreateLetsEncryptWebApp.ps1 script. The script does the following:

  1. Creates a Web App with an App Service plan, if it doesn't exist already.
  2. Pauses to allow the user to set a CNAME to point to the Web App. It is important to complete this step before continuing or the Web App will not allow the custom DNS name.
  3. Creates an ACME Vault and registration (if it doesn't exist).
  4. Generates a new ACME identifier for the DNS name.
  5. Starts an HTTP challenge.
  6. Uploads appropriate challenge reponse to the Web App.
  7. Submits the challenge.
  8. Waits for challenge validation.
  9. Generates certificate.
  10. Binds certificate to the Web App

If the Web App already exists, it will simple generate a new cert and bind it, effectively renewing the certificate.

To call the script:

.\CreateLetsEncryptWebApp.ps1 -ResourceGroupName "RESOURCE-GROUP-NAME" `
-WebAppName "WEB-APP-NAME" -Fqdn "DOMAIN NAME" -Location "LOCATION (e.g. eastus)" `
-ContactEmail "EMAIL ADDRESS FOR REGISTRATION"