How to setup SSL Generator for custom domains using Let's Encrypt


#1

Hi All,

I want to setup SSL Certificates generator/manager for Custom Domains - using Let’s Encrypt but I’m not able to find the right tutorial. I’ve done some research work and I’m able to setup Let’s Encrypt Certbot on one domain/machine with nginx.

I have a web app on Azure which will serve multiple domains, so multiple custom domains from single IP. I want to generate SSL Certificates for custom domains on the fly.

I learnt that Openresty can help but I couldn’t find any step-by-step article. How do I setup the SSL Management with Let’s Encrypt. At this point I’m not sure if I need a stand-alone VM or if it possible to run as a set of REST API Endpoint on a Web Server? Any pointers? I appreciate any help!


#2

Hi @iamsunny,

In order to support on-the-fly generation of certificates for custom domains, you’ll probably have to use software that’s specialized for this purpose or else write your own software. An example of software that does support this natively is the Caddy web server.

https://caddyserver.com/

There may be other software options, but most Let’s Encrypt clients don’t support this natively without some additional scripting, and most hosting providers with automated Let’s Encrypt integrations have probably had to do some of their own software development.

I don’t think these questions are very relevant. More significant, most likely, is your operating system environment and your web application environment. Are you developing the web application yourself? In what kind of language? What conditions will let it know that it needs to obtain a new certificate? If the certificate were obtained by external software, would your web application be able to make use of it by itself, or would it need other software to handle the certificate deployment as well?

Another thing to look at is ACME libraries which can provide you with functions that you can call from various programming languages to request certificates.

Hopefully some of this existing software is relevant to you in some way, but this mainly depends on the nature of your existing software environment.


#3

Hi,

Azure now support free TLS Certificate via let’s encrypt for web apps.
I believe you can find the extension from site extensions.

Also, depend on “on the fly”, you can either add the domains to azure cdn and get free certificate from them, or simply use the web app extension.

Thank you


#4

@schoen: thank you for your reply. I found the client list more friendly for Linux/Unix users but thanks for the pointer. I did a little more research and found a “Certes” to be promising for .NET developers. We can append it in the list as well!


#5

thanks @stevenzhu, your extension is just an awesome piece of work. I have used it in one my web app on azure already.

But in my scenario I don’t think it’s fitting right in. But I’m sure I can extend your codes to adjust to my requirement.

thanks again!


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.