Releases: sjkp/letsencrypt-siteextension
Refactoring
This release contains major refactoring of the code, to allow for some new features. One of the major changes is that the code is more modular, to allow for e.g. Azure Certificate Service to be used together with Azure Key Vault (not included in this release).
I also removed the tight dependency to the local file system of the web server, so that the extension now can run on another site, than the one the certificate is installed on (this will allow a separate release that for functions instead of relying on web jobs, and it makes local debugging easier). This change however, changes how the acme challenge file is place on the web server, as the KUDU file API now is used. This might have unforeseen consequences for those who have used their own letsencrypt:WebRootPath please let me know if that causes problems.
Finally the release contains a breaking change, if you relied on the first run of the web job to setup your hostname binding, then you are out of luck, as I removed that part of the code, as it doesn't really belong in this site extension, now that it is supported to set hostname bindings using ARM templates.
This release took longer than expected, as I encountered a few problems with the official nuget Microsoft.Azure.Management.WebSites and had to just use the ARM API manually.
Allow storage account reuse and disable web.config overwrite
Better browser experience
Renew certificates earlier and support for other Azure Regions
Support for deployment slots
Thanks to @stuartleeks the extension now finally supports deployment slots. To use it in a deployment slot you have to install the extension in that slot, and fill the site slot name with the name of your deployment slot.
This update also brings support for IP based SSL thanks to @jaykay-design
I also added some extra validation on the setup page, to try to prevent people from getting to the next page without inputting the right service plan resource group name.
Bug fix in RenewCertificate Web Job, when using separate resource groups for App Service Plan and App Service
Fix for #56. The RenewCertificate code was not working when separate resource groups were used for App Service Plan and App Service.
Also added the option to specify when to renew the certificate. Add an AppSetting named RenewXNumberOfDaysBeforeExpiration and write the number of days before expiration of the certificate it should be renewed. It defaults to 14 days.
.Net Core support and easier deployments of web jobs
This release accepts pull request #40 that adds support for .net core.
It also makes the development on the site-extension easier by removing the dependency on the web.job nuget package that the site extension used before to install the web jobs. This dependency was used, because I was unaware that Kudu supported installation of web jobs as part of the site-extension model.
Fix for race condition during challenge
This release implements the bug fix proposed in #36 - it also don't override the acme-challenge/web.config if it already exists.
Better error reporting when challenge/response fails
Part of requesting a SSL certificate from Let's Encrypt requires the web sites to serve the challenge file. Many of the bugs reported for this site-extension have been that this process fails or is hard to debug. This release tries to solve that by showing an informative exception when this process fails.
The exception looks like this, and provides a link to the URL that should be browsable, and another link to Let's Encrypt with their error log.
Prevent SetupHostNameAndCertificate from running more than once
The web job SetupHostNameAndCertificate is supposed to run and do work only once to install the certificates and setup the hostnames when using the ARM setup with hostnames located in application config. This release fixes a bug where it would run on every application restart. The bug was introduced in 0.4.2