Azure Key Vault Let's Encrypt
Requirements
- Azure Subscription
- Azure DNS and Key Vault resource
- Email address (for Let's Encrypt account)
Getting Started
1. Deploy to Azure Functions
2. Add application settings key
- LetsEncrypt:SubscriptionId
- Azure Subscription Id
- LetsEncrypt:Contacts
- Email address for Let's Encrypt account
- LetsEncrypt:VaultBaseUrl
- Azure Key Vault DNS name
3. Add a access policy
Add the created Azure Function to the Key Vault Certificate management
access policy.
4. Assign role to Azure DNS
Assign DNS Zone Contributor
role to Azure DNS.
Usage
Adding new certificate
Run AddCertificate_HttpStart
function with parameters.
curl https://YOUR-FUNCTIONS.azurewebsites.net/api/AddCertificate_HttpStart?code=YOUR-FUNCTION-SECRET -X POST \
-H 'Content-Type:application/json' \
-d '{"Domains":["example.com","www.example.com"]}'
- Domains
- DNS names to issue certificates.
Thanks
- ACMESharp Core by @ebekker
- Durable Functions by @cgillum and contributors
- DnsClient.NET by @MichaCo
License
This project is licensed under the Apache License 2.0