We’ve been running Let’s Encrypt as a Web Job in many of our Azure App Services to automatically re-issue SSL certs for our websites - all good. We’re now starting to switch our services to using Azure’s Managed Service Identity. In App Settings, if we set the letsencrypt:ClientId to that of the MSI, does this mean that we can do away with letsencrypt:ClientSecret? This would be great because it would mean that we wouldn’t need to remember to renew the secret every 2 years.
Unfortunately, that site extension was not written by the Let’s Encrypt team. So you’re not going to be able to get a whole lot of support for it here. The project site on GitHub doesn’t seem to indicate that it will support Azure authentication via IMDS. But it does still appear to be maintained by the author. So you might want to submit an issue there asking for IMDS support.