LetsEncrypt ASP .NET Core middleware

Have you ever tried setting up LetsEncrypt? If you’re lucky, you’re able to use Certbot — or perhaps you have full access to the server you are trying to set it up on.

And then there’s a slight chance that you’re in the same situation as I was recently, where the options are limited and frustrating.

I like to host my applications on Azure App Services, and the support for LetsEncrypt there is just plain disappointing. Until recently, you basically had the following options:

1. Use the Azure LetsEncrypt extension by sjkp.
2. Use an Azure VM instead, where you have more control. You still need to script your way out of things.
3. Manually renew the LetsEncrypt certificate once in a while, and manually specify it in the Azure portal under SSL bindings.

Let’s review these options.

1. Initially this looks promising and simple — until you get to the installation guide. Not only is it long and has many steps, but the screenshots given are also outdated. I actually got it working after many complicated errors, but it took me 8 hours!
2. Not really an option. If someone picked App Services, it’s typically for that sweet fully managed experience.
3. Not an option either. Any super critical task that mustn’t be forgotten, yet has to be done every 3 months and at the same time is incredibly boring, calls for heavy automation.

This doesn’t just apply to Azure. It probably applies to Amazon AWS as well, and many other hosts out there.

So I went to the drawing board and got inspired by how Kestrel in ASP .NET Core 2.1 now handles SNI (it basically allows selecting an SSL certificate to use for HTTPS at runtime).

The result?
A framework (exposed as a NuGet package) where only around 3 statements of code is required to enable LetsEncrypt in any ASP .NET Core 2.1 application, with no server configuration needed.

Go see for yourself:
https://github.com/ffMathy/FluffySpoon.AspNet.LetsEncrypt