Lets Encrypt Azure Versions Save

• Migrated from deprecated keyvault & storage packages to latest SDKs

• Renew certificates automatically when domain list is changed #19

api changes:

• the newCertificate parameter is moved to the body and renamed to forceNewCertificates (plural!) for the api/execute endpoint
• added domainsToUpdate parameter to api/execute endpoint. If the optional array is set then only certificates which contain one of the provided domains as a hostname are forcefully updated #19

See the setup guide for details.

• Bugfix for CDN updates: The internal update request now uses the correct encoding (utf-8) and no longer results in HTTP 415 (Unsupported Media Type)

The primary automation/deployment method is now Github Actions. The documentation has been updated and a migration guide exists to allow you to migrate from Azure Pipelines.

config file:

• No changes

infrastructure:

• declared WEBSITE_RUN_FROM_PACKAGE=1 explicitely in ARM template (previously it was implicitly set by the publish task)
• Switch from Azure Pipelines to Github Actions for automation (old Azure Pipelines along with old setup guide can be found in the last v1.x commit)

api:

• Removed obsolete updateResource parameters from POST endpoint (function detects automatically if a resource needs to be updated)

• Upgrade to .Net Core 3.1

• Suggest custom role for least privilege access control #11
• Fixed logs being silenced #9 & #10
• Retry CDN certificates when none is in progress or certificate does not match #8
• Switched to .Net Core 3.0 (and functions v3 runtime)
• Prevent unrelated app service certificates from being deleted (enforcing name + thumbprint match & fixed filter) #7
• Retry app service certificate rollout if certificate binding cannot be found (instead of silently skipping when cert is already in store) #6
• Property path of storage account challenge responder was not being used #5

• Bugfix regarding placement of sample configuration file PR#2

• Working function with support for Azure CDN & App Services