
Let's Encrypt Meets Azure: ACMEAzure

The future is here and the future is open source, secure and in the cloud! Let’s take a journey of extending Open Source mixed with Secure Certs with PowerShell.

If you have not been living under a desk for the last year, you may have heard of a new certificate authority by the name of Let’s Encrypt. LE, for short, is a new type of certificate authority that follows the new wave of modern thinking: instead of keeping everything closed source and keeping ourselves in the dark in a new world of untrusted security, it embraces the open source movement. In this movement everything is open and shared with the community. This is a great and amazing movement. LE's thinking is that certificates on the web should not be something only those who can afford them have, but something we should all have, as a way to make a better, more secure web one cert at a time. I can go on, but you can read more on their website listed above.

One thing to note about LE is that it is mainly a Linux-based tool, which is great, but for Windows admins it is not as easy as it could be. That is when a new tool called ACMESharp came out and was shared with the community. This great new tool offered a native way for Windows admins to take advantage of LE on Windows Server using the power of PowerShell. Other members of the community have embraced this tool and extended it to automate the creation and binding of SSL certs for IIS servers. Another step in helping secure the web! As someone who regularly works with Azure, I saw that there was a gap for those admins who not only manage IIS servers but also use Azure WebApps for their websites. Seeing that gap, I decided that it would be great to write a neat little script that would automate the work of sending an LE request, completing the LE challenge, and then receiving and uploading the cert to your Azure WebApp site. After much work and much testing I have finally finished something I am proud to call ACMEAzure.

This handy tool uses the ACMESharp PowerShell library to interact with LE and the Kudu API to interface with Azure WebApp sites, allowing for a complete end-to-end automated task that will call the LE servers, request a cert for your site, get the challenge, complete the challenge, and then get the cert from LE and upload it directly to your site.
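The challenge-publishing step of that flow, as an added example that is not ACMEAzure's own code: it assumes an HTTP-01 challenge and a Windows-hosted Web App serving from `site/wwwroot`. The function name, its parameters and the sample values are hypothetical.

```powershell
# Added example, not ACMEAzure's code. All names and sample values are placeholders.
function Publish-AcmeHttpChallenge {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string]       $SiteName,   # Web App name (Kudu host prefix)
        [Parameter(Mandatory)] [string]       $HostName,   # custom domain being validated
        [Parameter(Mandatory)] [pscredential] $DeployCred, # Web App deployment credentials
        [Parameter(Mandatory)] [string]       $Token,      # HTTP-01 token from the ACME client
        [Parameter(Mandatory)] [string]       $KeyAuth     # key authorization (file content)
    )

    # ACME tokens use the base64url alphabet only. Rejecting anything else keeps
    # the value from steering the Kudu write outside the challenge directory.
    if ($Token -notmatch '^[A-Za-z0-9_-]+$') {
        throw 'Token contains characters outside the base64url alphabet.'
    }

    # Kudu accepts HTTP Basic auth with the deployment credentials; HTTPS only.
    $pair    = '{0}:{1}' -f $DeployCred.UserName, $DeployCred.GetNetworkCredential().Password
    $basic   = [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes($pair))
    $headers = @{ Authorization = "Basic $basic"; 'If-Match' = '*' }  # '*' allows overwrite
    $vfs     = "https://$SiteName.scm.azurewebsites.net/api/vfs/site/wwwroot/.well-known/acme-challenge"

    # IIS returns 404 for extensionless static files unless a MIME type is mapped.
    $webConfig = @'
<configuration>
  <system.webServer>
    <staticContent>
      <mimeMap fileExtension="." mimeType="text/plain" />
    </staticContent>
  </system.webServer>
</configuration>
'@
    Invoke-RestMethod -Uri "$vfs/web.config" -Method Put -Headers $headers -Body $webConfig -ContentType 'text/xml' | Out-Null
    Invoke-RestMethod -Uri "$vfs/$Token" -Method Put -Headers $headers -Body $KeyAuth -ContentType 'text/plain' | Out-Null

    # Fetch the file the way the CA will before asking it to validate.
    $url    = "http://$HostName/.well-known/acme-challenge/$Token"
    $served = (Invoke-WebRequest -Uri $url -UseBasicParsing).Content
    if ("$served".Trim() -ne $KeyAuth) { throw "Challenge at $url does not match." }
    $url
}

# Constructed sample call (placeholder values):
# Publish-AcmeHttpChallenge -SiteName 'contoso-web' -HostName 'www.example.com' `
#     -DeployCred (Get-Credential) -Token 'constructed-token_123' -KeyAuth 'constructed-token_123.thumbprint'
```

The deployment credentials grant write access to the whole site, so take them from `Get-Credential` or a secret store rather than embedding them in the script.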

Anyway, please check out the script in the GitHub repo and let me know what cool things can be added to it!

-Henry
