Here’s something that I’ve held off on for a while.
I’ve always wanted to include an SSL Certificate for my blog. But, if you look at the Azure App Service Certificates service, the cost is high (at least in my opinion).
Recently I was alerted to the Let’s Encrypt organization, which strives to protect the Internet via providing free SSL/TLS certificates!
Great! So now I can get an SSL cert for my blog. But, how do I make it work with an Azure Web App (since that’s how my website is configured)?
Of course, you could just upload a certificate file, but I don’t want to have to do this manually.
So I went Googling, and found out that there is a Let’s Encrypt extension for Azure Web Apps!
So I added the Extension, now what?
There’s a Wiki page that goes into the details and steps that you need to do, including creating a Service Principal (aka an Azure AD Registered App), granting permissions for said Service Principal to the Resource Group(s) that contain your Web App and App Service, and ultimately, configuring the Let’s Encrypt Web App site extension.
Bind Your Cert And Force HTTPS
After you go through all these steps, you will now have a Certificate available for SSL Certificates for your Web App. You can then add an SSL Binding.
But that doesn’t make my site default to SSL or HTTPS. If you check under the Custom Domains setting of the Web App, there is an HTTPS Only option. Flip that to On, and now if you navigate to “just” adinermie.com, you will be redirected to https://AdinErmie.com.
So now, I am pleased to show that my website is “Internet safe” with its very own SSL certificate.
Thank you Let’s Encrypt for your service and efforts to provide protection to the entire web. No go forth, and “encrypt the web”.