Azure Let’s Encrypt Extension certificate renewal error

This was a fun one. I’ve been using Let’s Encrypt for free certificates on a lot of the websites we have hosted in Azure, and the Let’s Encrypt extension is awesome at managing all of that. As part of some transient fault tolerance, I also use a couple of app settings to cache everything on local storage (in case Azure storage fails). Well, that cache also breaks Let’s Encrypt renewals. To verify the domain, the extension creates a file and Let’s Encrypt then checks for that file. Because I had this caching turned on, the check kept failing to find the file: the cache had not updated. This is the error you get:

The Lets Encrypt ACME server was probably unable to reach http://hostname.com/.well-known/acme-challenge/BunchOfJibberishLettersandmaybenumbers123 view error report from Lets Encrypt at https://acme-v01.api.letsencrypt.org/acme/authz/MoreJibberishandNumbers123 for more information

The caching options I had turned on were WEBSITE_LOCAL_CACHE_OPTION and WEBSITE_LOCAL_CACHE_SIZEINMB. You can read more about local cache here. Simply removing those app settings (or adding an x to the name) and restarting the app fixed the issue.
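
A pre-renewal check for the condition described above, as an added example that is not part of the original post: it reads the JSON printed by `az webapp config appsettings list`, flags the two local cache settings, and builds the az CLI commands that remove them and restart the app. The app name, resource group and sample settings are constructed placeholders, and the function names are hypothetical.

```python
import json

# The two app settings this post identifies as breaking the renewal.
LOCAL_CACHE_KEYS = ("WEBSITE_LOCAL_CACHE_OPTION", "WEBSITE_LOCAL_CACHE_SIZEINMB")

# Constructed sample of `az webapp config appsettings list` output.
SAMPLE = json.dumps([
    {"name": "WEBSITE_LOCAL_CACHE_OPTION", "slotSetting": False, "value": "Always"},
    {"name": "WEBSITE_LOCAL_CACHE_SIZEINMB", "slotSetting": False, "value": "1000"},
    {"name": "WEBSITE_NODE_DEFAULT_VERSION", "slotSetting": False, "value": "8.9.4"},
])


def find_local_cache_settings(appsettings_json):
    """Return {name: value} for the local cache settings present in the JSON."""
    found = {}
    for item in json.loads(appsettings_json):
        # Exact match only: a key renamed with a leading "x" is not reported.
        if item.get("name") in LOCAL_CACHE_KEYS:
            found[item["name"]] = item.get("value")
    return found


def renewal_blocked(found):
    """True when local cache is switched on. Azure documents "Always" as the
    value that enables it, so the challenge file may not reach the site."""
    return (found.get("WEBSITE_LOCAL_CACHE_OPTION") or "").strip().lower() == "always"


def remediation_commands(found, app, group):
    """az CLI commands that delete the settings found and restart the app."""
    if not found:
        return []
    target = f"--name {app} --resource-group {group}"
    names = " ".join(sorted(found))
    return [
        f"az webapp config appsettings delete {target} --setting-names {names}",
        f"az webapp restart {target}",
    ]


if __name__ == "__main__":
    settings = find_local_cache_settings(SAMPLE)
    if renewal_blocked(settings):
        print("Local cache is on; the ACME challenge file may not be served.")
        # "example-app" and "example-rg" are placeholders for your own names.
        for cmd in remediation_commands(settings, "example-app", "example-rg"):
            print(cmd)
```

In practice, replace `SAMPLE` with the real output of `az webapp config appsettings list` for the app before the extension's next renewal attempt.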
