#102

LetsEncrypt-SiteExtension/Controllers/HomeController.cs

@@ -229,7 +229,8 @@ public ActionResult Install(RequestAndInstallModel model)
                     BaseUri = baseUri,
                     ServicePlanResourceGroupName = settings.ServicePlanResourceGroupName,
                     AlternativeNames = model.Hostnames.Skip(1).ToList(),
-                    UseIPBasedSSL = settings.UseIPBasedSSL
+                    UseIPBasedSSL = settings.UseIPBasedSSL,
+                    DisableWebConfigUpdate = settings.DisableWebConfigUpdate
                 };
                 var thumbprint = CertificateManager.RequestAndInstallInternal(target);
                 if (thumbprint != null)

LetsEncrypt.ResourceGroup/Templates/deploy-single-rg.ps1

@@ -0,0 +1,10 @@
+Select-AzureRmSubscription -SubscriptionId 3f09c367-93e0-4b61-bbe5-dcb5c686bf8a
+
+$appPlanRgName = "LetsEncrypt-SiteExtension"
+$webAppRgName = "sjkp.letsencrypt"
+$loc = "WestEurope"
+
+New-AzureRmResourceGroup -Name $appPlanRgName -Location $loc
+
+New-AzureRmResourceGroupDeployment -Name "Test" -ResourceGroupName $appPlanRgName -TemplateParameterFile .\azuredeploy.parameters.local.json -TemplateFile .\azuredeploy.json
+

LetsEncrypt.SiteExtension.Core/CertificateManager.cs

@@ -91,7 +91,8 @@ public void SetupHostnameAndCertificate()
                         ServicePlanResourceGroupName = settings.ServicePlanResourceGroupName,
                         AlternativeNames = settings.Hostnames.Skip(1).ToList(),
                         SiteSlotName = settings.SiteSlotName,
-                        UseIPBasedSSL = settings.UseIPBasedSSL
+                        UseIPBasedSSL = settings.UseIPBasedSSL,
+                        DisableWebConfigUpdate = settings.DisableWebConfigUpdate
                     });
                 }
             }
@@ -522,10 +523,17 @@ public static AuthorizationState Authorize(Target target)
                 Directory.CreateDirectory(directory);
             }
             var webConfigPath = Path.Combine(directory, "web.config");
-            if (target.DisableWebConfigUpdate == false && (!File.Exists(webConfigPath) || File.ReadAllText(webConfigPath) != webConfig))
+            if (target.DisableWebConfigUpdate)
+            {
+                Trace.TraceInformation($"Disabled updating web.config at {webConfigPath}");
+            }
+            else
             {
-                Trace.TraceInformation($"Writing web.config to {webConfigPath}");
-                File.WriteAllText(webConfigPath, webConfig);
+                if ((!File.Exists(webConfigPath) || File.ReadAllText(webConfigPath) != webConfig))
+                {
+                    Trace.TraceInformation($"Writing web.config to {webConfigPath}");
+                    File.WriteAllText(webConfigPath, webConfig);
+                }
             }
 
             foreach (var dnsIdentifier in target.AllDnsIdentifiers)

LetsEncrypt.SiteExtension.WebJob/Program.cs

@@ -17,7 +17,10 @@ static void Main()
         {
             var config = new JobHostConfiguration();
             config.UseTimers();
-            config.HostId = "letsencrypt_" + Environment.GetEnvironmentVariable("WEBSITE_SITE_NAME");
+            //A host ID must be between 1 and 32 characters, contain only lowercase letters, numbers, and 
+            //dashes, not start or end with a dash, and not contain consecutive dashes.
+            var hostId = "letsencrypt-" + Environment.GetEnvironmentVariable("WEBSITE_SITE_NAME");            
+            config.HostId = hostId.Substring(0,hostId.Length > 32 ? 32 : hostId.Length).TrimEnd(new[] { '-' }).ToLower();
 
             var host = new JobHost(config);
             host.RunAndBlock();

LetsEncrypt.nuspec

@@ -3,7 +3,7 @@
   <metadata>
     <id>letsencrypt</id>
     <title>Azure Let's Encrypt (x86)</title>
-    <version>0.5.5</version>
+    <version>0.5.9</version>
     <authors>SJKP</authors>
     <licenseUrl>http://opensource.org/licenses/Apache-2.0</licenseUrl>
     <projectUrl>https://github.com/sjkp/letsencrypt-siteextension</projectUrl>

LetsEncrypt64.nuspec

@@ -3,7 +3,7 @@
   <metadata>
     <id>letsencrypt64</id>
     <title>Azure Let's Encrypt (x64)</title>
-    <version>0.5.5</version>
+    <version>0.5.9</version>
     <authors>SJKP</authors>
     <licenseUrl>http://opensource.org/licenses/Apache-2.0</licenseUrl>
     <projectUrl>https://github.com/sjkp/letsencrypt-siteextension</projectUrl>

README.md

@@ -51,6 +51,7 @@ To use the Fully Automated Installtion the following Web App settings must be ad
 | letsencrypt:Email	| The Email used for registering with Let's Encrypt
 | letsencrypt:Hostnames |	Comma separated list of custom hostnames (externally hosted setup with CNames), that should automatically be configured for the site.
 | letsencrypt:WebRootPath | Use this setting, if you are not serving the website from site\wwwroot, then you can sepecify the other folder that serves your website here - should be in the format d:\home\site\wwwroot\public or where ever your files are located on the web server. 
+| letsencrypt:DisableWebConfigUpdate | true / false, defaults to false, set this to true if you don't want the site extension to write the default webconfig to wwwroot\.well-known\acme-challenge
 | letsencrypt:SiteSlot | Use this setting if you want to use the extension to setup SSL certificate for deployment slots, the value should be the name of the slot (and the extension should be installed in that slots kudu portal)
 | letsencrypt:UseIPBasedSSL | Set to true if you want to use IP Based SSL (required by some older clients). Defaults to false, which results in SNI. 
 | letsencrypt:RenewXNumberOfDaysBeforeExpiration | Set to an integer defining the number of days before expiration the certificates should be renewed. Defaults to 22 days before expiration, as letencrypt sends reminder emails 20 days before