\n <\/p>\n
There are lots of let’s encrypt computerized instruments for azure however I additionally wished to see if I might use certbot in wsl to generate a wildcard certificates for the azure Friday web site after which add the ensuing certificates to azure app service. <\/p>\n
Azure app service finally wants a particular format known as dot PFX that features the complete certificates path and all intermediates.<\/p>\n
Per the docs, App Service non-public certificates should meet the next necessities<\/a>: <\/p>\n In case you have a PFX that does not meet all these necessities you may have Home windows reencrypt the file.<\/p>\n I take advantage of WSL and certbot to create the cert, then I import\/export in Home windows and add the ensuing PFX.<\/p>\n Inside WSL, set up certbot:<\/p>\n Then I generate the cert. You may get a pleasant textual content UI from certbot and replace your DNS as a verification problem. Change this to verify it is two<\/strong> traces, and your domains and subdomains are right and your paths are right.<\/p>\n I then copy the ensuing file to my desktop (examine your desktop path) so it is now within the Home windows world.<\/p>\n Now from Home windows, import the PFX, be aware the thumbprint and export that cert.<\/p>\n Export-PfxCertificate -Cert Microsoft.PowerShell.SecurityCertificate::LocalMachineMy597THISISTHETHUMBNAILCF1157B8CEBB7CA1 Then add the cert to the Certificates part of your App Service, beneath Deliver Your Personal Cert. <\/p>\n Then beneath Customized Domains, click on Replace Binding and choose the brand new cert (with the most recent expiration date).<\/p>\n Subsequent step is to make this much more computerized or choose a extra automated answer however for now, I will fear about this in September and it solved my costly Wildcard Area subject.<\/p>\n
Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, advisor, father, diabetic, and Microsoft worker. He’s a failed stand-up comedian, a cornrower, and a e book writer.<\/p>\n \n
sudo apt replace
sudo certbot certonly --manual --preferred-challenges=dns --email YOUR@EMAIL.COM
sudo cp AzureFriday2023.pfx \/mnt\/c\/Customers\/Scott\/OneDrive\/Desktop\n<\/pre>\n
Import-PfxCertificate -FilePath \"AzureFriday2023.pfx\" -CertStoreLocation Cert:LocalMachineMy
![\"Custom](\"https:\/\/images.hanselman.com\/blog\/Windows-Live-Writer\/Using-WSL-and-Lets-Encrypt-to-create-Azu_C384\/image_3849c466-fcdb-4abd-96ad-8d52a5e93730.png\" "\\"Custom")
<\/figure>\n![\"image\"](\"https:\/\/images.hanselman.com\/blog\/Windows-Live-Writer\/Using-WSL-and-Lets-Encrypt-to-create-Azu_C384\/image_3d6c1eb8-4a3e-4004-985a-75e8f8f56118.png\" "\\"image\\"")
<\/p>\n
\n
\n
\n
<\/p>\nAbout Scott<\/h4>\n
![\"facebook\"\/](\"http:\/\/images.hanselman.com\/main\/icon-fb.png\"){kind=icon}
<\/a>
\n ![\"bluesky\"\/](\"http:\/\/images.hanselman.com\/main\/icon-bluesky.png\"){kind=icon}
<\/a>
\n ![\"subscribe\"\/](\"http:\/\/images.hanselman.com\/main\/icon-rss.png\"){kind=icon}
<\/a>
\n About<\/a> \u00a0 Publication<\/a>\n <\/div><\/div>\n
![\"Hosted](\"http:\/\/images.hanselman.com\/main\/azure-250x250.png\"\/)
<\/a>\n <\/div><\/div><\/div>\n