Preparations for adding Lets Encrypt SSL Certificate to Azure WordPress Web App

We were using an expensive wildcard SSL certificate from a CA for all of our websites, that was expiring soon. Yes – there IS a very simple and straightforward way within Azure to add this wildcard certificate for multiple domain and sub-domain DEV, TEST and PROD Azure-hosted websites – but at an annual cost to us in excess of $750 Canadian dollars!

With Azure supporting use of Let’s Encrypt, the free, automated and open CA for Azure-hosted websites, we decided to secure all our websites with free LetsEncrypt SSL certificates working for each website before the expensive wildcard SSL expired.

NOTE: The Let’s Encrypt certificates DO expire after 90 days, so a background process using Azure Web Jobs, is necessary to automatically renew and install new certificates. Simon J.K.Pedersen has developed the Azure Let’s Encrypt Web App Site Extension to do all of the work of requesting, installing  and renewing of the Let’s Encrypt certificates. What a help this all is! Once the preparations are complete (as outlined below) the new Let’s Encrypt SSL certificate is working in less than 5 minutes.


CredSSP Error when RDPing into rebuilt Azure VM

After swapping out an OS drive into an Azure VM, we were unable to RDP into the revisioned VM, getting this error:

In May 2018, Microsoft issued CredSSP updates for CVE-2018-0886 which requires that KB 4093120 be installed on both the client and server.