Check the completion of all 8 preparation steps outlined in Preparations for adding Lets Encrypt SSL Certificate to Azure WordPress Web App

  1. Update App Service Plan
  2. Update Web.config for Certificate Renewal
  3. Delete binding of any currently installed SSL certificates
  4. Assign or create a storage account for the process
  5. Add 2 Application settings to website
  6. Register an Azure Service Principle
  7. Permissions added to Resource Group/Subscription
  8. Gather config info & paste text file for configuring the Lets Encrypt Extension

Now the Azure Let’s Encrypt Extension can be installed & Configured

1. Portal > Web App > Development Tools > Extensions > +Add > Choose Extension > Azure Let’s Encrypt > OK

2. Stop and start the website to avoid or overcome the error “No route registered for ‘/Letsencrypt” from https://YOURSITENAME.scm.azurewebsites.net/SiteExtensions.

3. Configure the LetsEncrypt Site Extension – using ‘sidecar website’ running in the scm version of the website:

Portal > Web App >Development Tools > Extensions > Select the Azure Lets Encrypt Extension > Browse to be able to configure

Scroll down to the Automated Installation section of the webpage and paste in values saved in the text file in Preparations: Step 8 above:

A list of the Custom Domains and SSL Bindings for the web app will show:

Once you see the notice that ‘Certificate Successfully Installed‘, the Hostname SSL bindings should now be enabled with the new certificate(s) assigned. On this page, note the 3 month expiry date of the new Let’s Encrypt certificate(s). NOTE: On our site, the soon to expire expensive wildcard certificate is still showing for the subscription, even though it is not being used.

Check back in the Azure Portal, and add new Hostname binding if not already done by Azure:

To ensure the new Web Jobs are able to renew and install the new certificates at the end of 3 months, beside adding the code to the web.config file mentioned in Preparations: Step 2 above, in Application Settings > General Settings > ‘Always On’ option >’On‘ for the website, so web jobs will not fail because website is not loaded:

Restart website. Browse to website, verifying https connection and certificate:

  

In Azure Portal > Overview > the URL should now be https:xxxxxxxxxx.com