Lets encrypt
(Adding message template to the top of the page) |
(Updated Edited template to July 12, 2025.) |
||
| (One intermediate revision by one other user not shown) | |||
| Line 1: | Line 1: | ||
<message>Write the content here to display this box</message> | |||
Lets encrypt issues free, shortlived SSL certs. You can set up Azure to renew them automatically: | Lets encrypt issues free, shortlived SSL certs. You can set up Azure to renew them automatically: | ||
| Line 19: | Line 19: | ||
# Go back to the app and use them on your custom domains, turn on always SSL. | # Go back to the app and use them on your custom domains, turn on always SSL. | ||
[[Category:Security]] | [[Category:Security]] | ||
{{Edited|July|12| | {{Edited|July|12|2025}} | ||
Latest revision as of 05:51, 20 January 2025
This page was created by Hans.karlsen on 2020-07-31. Last edited by Edgar on 2025-01-20.
Lets encrypt issues free, shortlived SSL certs. You can set up Azure to renew them automatically:
https://www.hanselman.com/blog/SecuringAnAzureAppServiceWebsiteUnderSSLInMinutesWithLetsEncrypt.aspx
Lets encrypt:
- Add a custom domain to your App
- Add or reuse a storage account and copy the connectionstring for use in step 6 (the Lets encrypt extension stores data here)
- Azure AD , App reg: xxxxLetsEncrypt
- Remember AppId: xxxxxxxx
- Add secret - name it login yyyyyyyy
- Resource group running xxx, AccessControl, add permission, contributor, your app xxxLetsEncrypt should be a contributor
- Go to the app service in Azure portal xxx, Extensions, Azure Lets Encrypt, you must add connection strings in setting
- AzureWebJobsDashboard
- AzureWebJobsStorage, both with the same value: connection string to your storage account
- Configure extension http://YOURSITENAME.scm.azurewebsites.net/LetsEncrypt
- ...follow the guide/next - you get a box with your domain names, select one +request and install, repeat, -> you now have certs
- Go back to the app and use them on your custom domains, turn on always SSL.