Add SSL to Azure Web App using LetsEncrypt

  • Ubuntu (I used the Ubuntu app on my Windows Machine)
  • An Azure Web App running on an App Service (platform: Windows, minimal plan supporting SSL: Basic)

Step 1: Install Certbot & OpenSSL

  • Certbot: Sets up the challenge with LetsEncrypt to verify your domain
  • OpenSSL: Converts the certificates created by Certbot to a format that Azure accepts (PFX)

sudo apt-get install software-properties-common
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get install certbot
sudo apt-get install openssl

Step 2: Set up a challenge with LetsEncrypt

sudo certbot certonly --preferred-challenges http -d ourmixtape.net --manual

Step 3: Upload the challenge file to your Azure Web App

Step 4: Modify your web.config to rewrite the challenge file without extension

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.webServer>
    <handlers>
      <add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified" />
    </handlers>
    <aspNetCore processPath="dotnet" arguments=".\OMT.Web.dll" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" />
    <rewrite>
      <rules>
        <rule name="wildcard">
          <match url=".*well-known/acme-challenge/(?!.*?\.txt$)(.*)$" />
          <action type="Redirect" url="/.well-known/acme-challenge/{R:1}.txt" />
        </rule>
      </rules>
    </rewrite>
  </system.webServer>
</configuration>
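
To see which requests the Step 4 rule actually redirects, this added example (not part of the original post) replays the rule's regular expression in JavaScript, whose regex syntax is the ECMAScript dialect IIS URL Rewrite uses by default. The stricter pattern, the sample paths and the token value are assumptions made for illustration.

```javascript
// Added example (not from the original post): simulate the Step 4 rewrite rule.
// IIS URL Rewrite uses ECMAScript regex syntax, ignores case by default, and
// matches against the request path without the leading slash.
const POST_RULE = /.*well-known\/acme-challenge\/(?!.*?\.txt$)(.*)$/i;

// Hypothetical tighter pattern: anchored at the start, and the token limited
// to the base64url alphabet that ACME (RFC 8555) allows for challenge tokens.
const STRICT_RULE = /^\.well-known\/acme-challenge\/([A-Za-z0-9_-]+)$/i;

// Returns the redirect target the rule would produce, or null when the rule
// does not match and the request is served as-is.
function redirectTarget(rule, requestPath) {
  const input = requestPath.replace(/^\//, ""); // IIS strips the leading slash
  const m = rule.exec(input);
  return m ? `/.well-known/acme-challenge/${m[1]}.txt` : null;
}

// Constructed sample requests; the token value is made up.
const SAMPLES = [
  "/.well-known/acme-challenge/Zx3kTOKEN_abc-123",     // what the CA fetches
  "/.well-known/acme-challenge/Zx3kTOKEN_abc-123.txt", // the uploaded file itself
  "/blog/my-well-known/acme-challenge/anything",       // unrelated path
  "/.well-known/acme-challenge/a/b.config",            // not a valid token
];

// Evaluates both patterns over every sample path.
function compareRules() {
  return SAMPLES.map((path) => ({
    path,
    post: redirectTarget(POST_RULE, path),
    strict: redirectTarget(STRICT_RULE, path),
  }));
}

for (const row of compareRules()) {
  console.log(row.path, "| post rule ->", row.post, "| strict ->", row.strict);
}
```

Both patterns redirect the extensionless token and leave the `.txt` request alone, so there is no redirect loop; only the unanchored pattern from the post also redirects the two other paths.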

Step 5: Convert the certificate to PFX using OpenSSL

sudo openssl pkcs12 -export -out /etc/letsencrypt/live/ourmixtape.net/ourmixtape.pfx -inkey /etc/letsencrypt/live/ourmixtape.net/privkey.pem -in /etc/letsencrypt/live/ourmixtape.net/cert.pem

%userprofile%\AppData\Local\Packages
%userprofile%\AppData\Local\Packages\CanonicalGroupLimited.UbuntuonWindows_(YOUR_POSTFIX)\LocalState\rootfs\etc\letsencrypt\live\ourmixtape.net

Step 6: Upload your PFX certificate into the Azure Portal and add the SSL binding

.NET developer living in The Netherlands. I write stories because it helps me share and remember knowledge.

Marc Mathijssen