Search code examples
azureasp.net-coreazure-web-app-servicelets-encrypt

IIS is not serving my static file on Azure

I have a static file, letsencrypt.txt, in the wwwroot folder on my website.
But going to http://{domain}.com/letsencrypt.txt gives 404.

This is not on a virtual machine, shared or otherwise. I do not have root access or CPanel access. I do not have any extra Azure Storage.

I do have a Subscription, a Resource Group, an App Service, an App Service Plan, and an API Management Service. I do have FTP access, so I can see the file structure and upload files and download log files.

In practice, all I really know is that the file is at /site/wwwroot.

The log shows

<tr class="alt"><th>Requested URL</th><td>https://{domain}:80/letsencrypt.txt</td></tr> 
<tr><th>Physical Path</th><td>**C:\home\site\wwwroot\letsencrypt.txt**</td></tr>

which is exactly where I think the file is located.
I can't see any reason for it to not be able to find the file.
Nothing in the log about access control or permissions.

I thought that perhaps the https issue was a result of the DNS redirect, but I get the same 404 if I go directly to {domain}.azurewebsites.net. And it still redirects to https.

One interesting point is that, here in the log, it specifies port 80 even though it says https.

Here is the entire web.config.

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <location path="." inheritInChildApplications="false">
    <system.webServer>
      <handlers>
        <add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
      </handlers>
      <aspNetCore processPath="dotnet" arguments=".\SmartTagsAPI.dll" stdoutLogEnabled="false" stdoutLogFile="\\?\%home%\LogFiles\stdout" hostingModel="inprocess" />
      <rewrite> 
        <rules> 
<!--           <rule name="wildcard"> 
            <match url=".*well-known/acme-challenge/(?!.*?\.txt$)(.*)$" /> 
            <action type="Redirect" url="LetsEncrypt/letsencrypt.txt" /> 
          </rule>  -->
        </rules> 
      </rewrite> 
    </system.webServer>
  </location>
</configuration>
Solution

  • As you revealed more information, this question becomes more like "how to set up free certificates for Azure App Service D1 plan".

    D1 does not support custom SSL binding, which is by design. So, Let's Encrypt won't work either, as even if you find a way to generate the certificate, you cannot install it to D1 plan.

    Like you tested, you can alternatively set up a service like Cloudflare in front which offers you free certificates.