Automated Let's Encrypt issuer for Azure Key Vault

Primary language: C#. License: Apache License 2.0 (Apache-2.0).

Azure Key Vault Let's Encrypt

Requirements

  • Azure Subscription
  • Azure DNS and Key Vault resource
  • Email address (for Let's Encrypt account)

Getting Started

1. Deploy to Azure Functions

2. Add application settings keys

  • LetsEncrypt:SubscriptionId
    • Azure Subscription Id
  • LetsEncrypt:Contacts
    • Email address for Let's Encrypt account
  • LetsEncrypt:VaultBaseUrl
    • Azure Key Vault DNS name

3. Add an access policy

Add the created Azure Function to the Key Vault's Certificate Management access policy.

4. Assign role to Azure DNS

Assign the DNS Zone Contributor role to Azure DNS.
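
Steps 2 to 4 expressed as Azure CLI commands, with the role scoped to a single DNS zone and the Key Vault policy limited to certificate permissions. This is an added example, not code from this project; it assumes the Function App has a managed identity whose object ID you pass as principal-id, and the argument names and the certificate permission list are assumptions.

```shell
#!/bin/sh
# Added example, not part of the project. Prints the az commands unless DRY_RUN=0.
set -eu

run() {  # print the command (shell-quoted) in dry-run mode, execute it otherwise
  if [ "${DRY_RUN:-1}" = "1" ]; then printf "'%s' " "$@"; printf '\n'; else "$@"; fi
}

# Resource ID of one DNS zone, so the role is scoped to it and nothing wider.
zone_scope() {  # args: subscription-id resource-group zone-name
  printf '/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Network/dnszones/%s' "$1" "$2" "$3"
}

# args: subscription-id resource-group function-app principal-id vault-name zone-name contact-email
setup() {
  sub=$1 rg=$2 app=$3 principal=$4 vault=$5 zone=$6 contact=$7

  # Step 2: application settings (vault URL form assumes the public Azure cloud)
  run az functionapp config appsettings set --name "$app" --resource-group "$rg" \
    --settings "LetsEncrypt:SubscriptionId=$sub" "LetsEncrypt:Contacts=$contact" \
               "LetsEncrypt:VaultBaseUrl=https://${vault}.vault.azure.net"

  # Step 3: certificate-only access policy, no key or secret permissions.
  # The permission list is an assumption; adjust it to what issuance needs.
  run az keyvault set-policy --name "$vault" --object-id "$principal" \
    --certificate-permissions get list create import update

  # Step 4: DNS Zone Contributor on the single zone only
  run az role assignment create --assignee-object-id "$principal" \
    --assignee-principal-type ServicePrincipal --role "DNS Zone Contributor" \
    --scope "$(zone_scope "$sub" "$rg" "$zone")"
}

if [ "$#" -eq 7 ]; then setup "$@"; fi
```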

Usage

Adding new certificate

Run the AddCertificate_HttpStart function with parameters.

curl 'https://YOUR-FUNCTIONS.azurewebsites.net/api/AddCertificate_HttpStart?code=YOUR-FUNCTION-SECRET' -X POST \
    -H 'Content-Type:application/json' \
    -d '{"Domains":["example.com","www.example.com"]}'

  • Domains
    • DNS names to issue certificates for.

Thanks

License

This project is licensed under the Apache License 2.0.