dotnetcore - Let's Encrypt Free SSL and

April 29, 2017

In a movement to secure the WWW, the folks at Let's Encrypt have decided to make SSL certificates easier to come by and free! Here's a short tutorial on how to secure your website. First install the following application on your Windows machine running IIS.

Next, you'll need to add a configuration middleware that will allow the Certify application to communicate with the Let's Encrypt services to create and bind the SSL certificate. Add this block of code in the Startup ConfigureServices method.

var provider = new FileExtensionContentTypeProvider();
provider.Mappings["."] = "text/plain";
app.UseStaticFiles(new StaticFileOptions()
    FileProvider = new PhysicalFileProvider(
    Path.Combine(Directory.GetCurrentDirectory(), @".well-known/acme-challenge")),
    RequestPath = new PathString("/.well-known/acme-challenge"),
    ContentTypeProvider = provider,
    ServeUnknownFileTypes = true,
    DefaultContentType = "text/plain"

Back in the Certify app you'll now see anĀ option to issue a New Certificate. Click that option, choose IIS and choose your site. Click Request Certificate and the application will issue a 90 day certificate with Let's Encrypt and bind it to your site. Ensure that you have the binding setup to port 443 and it will be secured! IIS 8 uses Server Name Indication (SNI) which allows IIS to bind 443 with multiple sites running on the same server.