ohadschn/letsencrypt-webapp-renewer

Fails to validate cert when site is deployed using "run from package" option

Closed this issue · 3 comments

I ran into an issue where I deployed a new Azure web site using the "run from package" approach (https://docs.microsoft.com/en-us/azure/azure-functions/run-functions-from-deployment-package).

Because this approach deploys a site in read-only mode, the /.well-known folder needed for the LetsEncrypt validation can't be created on the file system, causing the certificate renewal process to fail.

There's no message indicating this is the specific problem, beyond a 404 when trying to hit the URL. It should be detectable via the presence of a WEBSITE_RUN_FROM_PACKAGE setting.

It also might be worth adding a note to the readme to indicate this is a constraint and that sites should be zip or web deployed instead.

Do you want contributions for this?

Sure, would be happy for a PR as I am unfamiliar with this deployment approach...

Haha. Never mind. I'm giving myself a 🤦‍♂

I started looking through the code and then realised the fix would require a change in @sjkp's code. So I looked there and saw a discussion about it at sjkp/letsencrypt-siteextension#239, and that it was resolved a while ago.

And then I went back and re-read the readme here and I saw this:

letsencrypt:webAppName-webRootPath (optional, defaults to %HOME%\site\wwwroot or in case of running from package: %HOME%\site\letsencrypt)

Let's pretend this issue was never reported 🐑 😄

LOL, if I had a penny for every time it happened to me...
Good thing it's documented here now, thanks :)
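
A pre-flight check for the failure described in this thread, as an added example that is not part of the original issue or of the project's code: it picks the default web root the readme gives for each deployment mode and verifies that a challenge file can actually be written there, so the problem surfaces as a clear message rather than a 404. The function names are hypothetical; treating any `WEBSITE_RUN_FROM_PACKAGE` value other than empty or `0` as "enabled" and using `.well-known/acme-challenge` as the challenge directory are assumptions.

```python
import tempfile
from pathlib import Path

def run_from_package(settings):
    # Assumption: any value other than empty or "0" means run-from-package is on.
    value = (settings.get("WEBSITE_RUN_FROM_PACKAGE") or "").strip()
    return value not in ("", "0")

def default_web_root(settings, home):
    # Defaults quoted from the readme: site\wwwroot, or site\letsencrypt
    # when the app runs from a package.
    leaf = "letsencrypt" if run_from_package(settings) else "wwwroot"
    return Path(home) / "site" / leaf

def preflight(settings, home, web_root=None):
    """Return (ok, message): can a challenge file be written under the web root?"""
    root = Path(web_root) if web_root else default_web_root(settings, home)
    challenge_dir = root / ".well-known" / "acme-challenge"
    try:
        challenge_dir.mkdir(parents=True, exist_ok=True)
        with tempfile.NamedTemporaryFile(dir=challenge_dir):
            pass  # created and deleted again: the directory is writable
    except OSError as exc:
        hint = ""
        if run_from_package(settings):
            hint = " (WEBSITE_RUN_FROM_PACKAGE is set, so site content is read-only)"
        return False, f"cannot write to {challenge_dir}: {exc.strerror}{hint}"
    return True, f"challenge files can be written to {challenge_dir}"

if __name__ == "__main__":
    # Constructed settings and a temporary directory standing in for %HOME%.
    with tempfile.TemporaryDirectory() as home:
        print(preflight({"WEBSITE_RUN_FROM_PACKAGE": "1"}, home))
```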