After 28 years, I quit … and move forward

I’m done … I quit!

As I posted on YouTube last week in the community area, I have an announcement to make. It’s a big step for me and a significant change in my life.

So here it is … after 28 years of working for the same employer, I quit my job and move forward. I won’t go into the exact details; I’d like to look forward and keep a positive mindset. You can follow me on LinkedIn to see if you are interested in my history (or even hook up; make sure you reference who you are and why you want to connect).

I like to work with tech and be on the bleeding edge of technology. I started as a junior software developer, first at a secondment agency doing short-term development jobs for various customers. After five years, someone reached out, and I joined one of the big accounting firms to work on their financial software systems. I learned much about financial systems then and even built an application that automatically created annual financial statements. Something accountants used to work on for weeks but could now be finished in a few days.

Moving forward, my work shifted from being a software developer to moving up the corporate ladder and sitting in meetings growing bigger development teams and, in the end, being more a People Manager than doing the things I loved to do: tinkering with software and extending software to provide better options for productivity to the Office or Information Workers.

I wanted a better job. Working in an increasingly restricted environment to avoid leaking information and being compliant with corporate standards kept me from doing what I love most: test-driving new technologies.

This reflects on family life, which is being grumpy after the daily drag. I even started to take time off one day a week – to work four days a week. I was beginning to look forward to my retirement.

Shortening my workweek allowed me to boost my YouTube and Twitch channels under the “Soft As In Software” umbrella, but I will discuss this later.

At that point, I received an email from a longtime friend living in the US, and he was asking me if VSTO (i.e., “Visual Studio Tools for the Office System”) is still a thing. A headhunter contacted him to see if he wanted to get a role in a specific job opening they were trying to fill.  As an answer to his question, I told him, “Honestly, not really …” as VSTO is in the process of deprecation (at least maintenance mode) and will soon be replaced by its successor, based on OfficeJS. Therefore, I advised him to suggest that the headhunter should look for a consultant to move the tooling into the OfficeJS APIs instead.

My friend didn’t accept the job offer as he is doing great stuff elsewhere already, but he thought sharing my info with the headhunter would be good. I confirmed that you could always talk, and he passed along my information so I could discuss what they were looking for and see where it would end. We eventually discussed the situation, agreed on the terms and conditions, had a couple more interviews, and agreed to move forward.

With all that in place, the announcement is that after a 28-year tenure, I resigned from my current job and started working for a company in Canada and the United States. It is a hundred percent remote job. I am curious if I ever travel in that direction. At least I still try to attend the big conferences such as Build (not this year, as it is poorly timed this year precisely on my already planned vacation), Ignite, and, while it lasts, the Annual Global MVP Summit with Microsoft to stay in contact with everyone.

As mentioned above in some wording, my work will start where I left off 10 to 15 years ago, maintaining big VSTO Add-ins that extend the Microsoft Office suite, especially for financial service workers. I am also looking into ways to migrate this to the new Office environment (or environments; I should say, as Office is multi-platform these days and can run not only on Windows but also on a Mac, iOS, Android, and more) to make it future-proof. I am confident that we can get this to work in the new context and be the number one provider of productivity tools for financial analysts.

As for my YouTube and Twitch channels, this also means that I need to shift things. My working hours changed from Central European Time (CET) or Central European Summer Time (CEST) in the summer to Eastern Standard Time (EST) or Eastern Daylight Time (EDT) in the summer. I will now work in the US time zone and move my leisure time to the morning in the EU. With that, my Live Coding sessions will shift from twice a week, 8 PM to 11 PM CEST, to three times a week, around 12 PM to 2 PM CEST for Europe and just before the day begins in New York (I guess 6 AM to 8 AM). I hope to make this five(!) times a week, every day… but I want to start slowly and use it to see how it will fit in.

Make sure your follow my YouTube Channel, so you won’t miss a thing. Learn with me in live sessions, make mistakes, stumble and get up!

Click here to go to my YouTube Channel and subscribe to get notified when going live:
Soft as in Software YouTube Channel

A New Beginning (as always)

Soft as in Software is Wishing you a Happy 2024

2024 has started and we are in the second week already. Time for a short recap, as always but like oliebollen, it is part of the tradition. Last year flew by before we knew it. A lot happened but also a lot did not happen.

On a personal level I have been working on my physical state and crazy as it is joined the 5AM club. While travelling to Microsoft Build 2023 I was jet-lagged and was waking up at around four or five AM due to shifted time zones. There is about a nine-hour time difference between my home location and Seattle where Microsoft Build was hosted at the time. I started working out in the gym at the hotel right after waking up and that is still my daily opening scene today.

My physical condition improved a lot, lost a lot of weight (knowing that I also gained a lot of muscle), improved my stamina, lowered my heart rate and extended my sleeping pattern by a few hours.

The downside of more sleep and exercising obviously is that there is not much time left after a day with an extended morning routine, walking to the gym, exercise, walking back from the gym, having breakfast and a shower and morning routine. Add to that a full working day and before you know it, it is time to go to bed again to get the right amount of sleep.

Before all of this I crawled out of bed late, worked for the day and had a long night on Twitch and YouTube to develop stuff online. I was able to crank out a lot of things on my computer but neglected the state of my body and it was already in a bad state after picking up COVID-19. The patterns changed a lot last year but also took a large bite out of my development segment as part of the digital life I was living before.

I still did a lot of things, not as visible as before, ‘off screen’ such as working and supporting my pet project to create Office Add-ins in the context of Blazor. I created the sample projects here in the official Microsoft OfficeDev/Office-Add-in-samples repo as a prototype and helper projects for the community to work on.

I also extended my Azure Developer Associate Certification and was rewarded for the eighteenth time Microsoft MVP again. Completely out of context I did another Transatlantic Disney Cruise to travel from Southampton to New York together with my wife.

Developments on a professional level were a bit disappointing in 2023 and therefore, for 2024, I decided that this will be a time to reflect. At this time working about a day less each week (professionally, that is) whenever possible and focusing more on the fun side of life by working on my own expense on projects that give more joy to see where we end up.

Life is short and therefore it is important to focus on the happy stuff and stay on the positive side in body and mind. There is a lot going on in the world that impacted a lot of innocent people last year. I won’t go too deep into that but apparently there are a few individuals who think it is necessary to spoil the lives of others for their benefit (is there?) and their own position. For 2024, let us all try to turn that around for the better and make sure we all have a safe and prosperous future on this planet. We need to turn the negatives into positive, don’t you agree?

Like last year I have lots of plans on the shelf and I hope you will join me and see you on my YouTube Channel, Twitch Channel or on my Soft as in Software landing pages with this blog!

Recap 2022 and boot into 2023

Wishing you a happy …

The first week of 2023 is behind us, my ‘holidays’ are over, and it is time to boot up 2023. Officially you are not allowed to wish anyone a “Happy New Year” anymore after January 7th.

In the Netherlands, the holidays are a bit different this year compared to other years. In general, we take the last two weeks of the year off but given how Christmas and New Year ended up on the calendar the two-week holiday disconnect was now set to the last week of 2022 and the first week of 2023 by our government.

2022 has been an ups and down year for me. The Up was definitely the Transatlantic Cruise to celebrate my 25th wedding anniversary sailing from Dover to New York with stops in France, UK, Spain, and Bermuda. An experience I wouldn’t want to have missed for the world. The downside was that after staying away from it for over two years I finally got hit by COVID-19, most likely picked it up on our return trip flying back from New York to Berlin or on the train from Berlin to Amsterdam, where we ran into huge crowds all coughing and sneezing while travelling home using airplanes and trains.

Although COVID-19 did not hit me very hard, a mild flu without too much fever, the coughing didn’t go away and kept going on a low level. Just before X-mas, however, I adopted a heavy flu infection. I guess I was still somewhat vulnerable to not being completely recovered from COVID. This resulted in a Pneumonia and my body didn’t allow me to do anything beyond having a time-out. My ‘Body Battery’ didn’t even climb up on my Garmin and zero-ed out for a lengthy period.

Time to visit the doctor (last time was about 10 years ago, I am -knock on wood- not much of a doctor visitor). The examination by my doctor resulted in a huge pile of medication with powerful types that started to kick in the moment I took them in. It looks like things are changing for the better now, at least my ‘Body Battery’ is showing upward movements again.

From a Soft as in Software perspective 2022 was not bad, until my health went south that is. In 2022 I created Office Add-in Starter projects to have new fresh Office Developers to easily get started building their first Word, Excel or Outlook Add-ins using Office JavaScript APIs. Also, I was able to build Blazor based Office Add-ins allowing you to use more .NET based coding, still allowing you to interact with Office hosts such as Word, Excel, or Outlook.

I pushed all of my Office Add-in demo repos into the official Microsoft OfficeDev/Office-Add-in-samples repo by creating Pull Requests and even did some small presentations on the Microsoft Office Add-ins Community calls.

Here are the links to the Add-ins and presentations:

Look at the above links and try to build some of your own Office Add-ins and let me know what you like or don’t like about it. I think the option to use Blazor in your Office Add-ins can be a powerful help if you are a .NET developer from origin and should make it easier to hook into Office, maybe allowing you to move your VSTO Office Add-ins into Office JS Add-ins.

So, there is my New Year’s rant … let’s focus on the future and see where we are going. For one thing my body just warned and gave a clear message to put your health at number one.

I still have lots of plans though so keep an eye out and hope to see you on my YouTube Channel, Twitch Channel or on my Soft as in Software landing pages with this blog!

Visual Studio – Inline Hints

One of the hidden gems in Visual Studio is the option to enable Inline Hints. This will show little labels in your code to show what type of parameter is required for your functions, methods and what not. Also, it will show you what the return type is in case you assign the return value to a var typed variable:

Here is what it looks like in the editor:

Inline Parameter Name Hints
Inline Type Hints

To enable/disable Display Inline Hints you must go to Tools/Options/Text Editor/C#/Advanced and set the checks for Display inline parameter name hints and/or Display inline type hints.

Enable/Disable Display Inline Hints

This can help you coding in several ways. It allows you to immediately see what is expected so it makes it easier to understand what the code is doing, but it also allows you to refactor your code and make changes accordingly to match the hints or use named parameters.

It’s gems like these that make your life as coder much easier, especially if you adopt code from -another- developer where you need to understand what is happening in the existing code you adopted.

Enjoy!

Start With a Bang

Happy New Year!

We left behind 2021, our second year covered with Covid, and moved into 2022. Just when I was about to close the year, traditionally baking a huge batch of “Oliebollen”, “Appelflappen” and “Ananasflappen” (Google it if you don’t know what they are), I received an email from Twitch Corp telling me that I leveled up to Twitch Affiliate.

Twitch Affiliate

If you look at the specs it doesn’t feel like a massive thing:

– Reach fifty followers
– Stream for eight hours
– Stream on seven different days
– Average of three viewers

… but it is harder than you think.

The requirements span is within a 30-day timeframe. The “Stream for eight hours” and ” Stream on seven different days” are the easy ones although reserving seven days out of thirty to do live streaming is already hard to reach for most but it is something you simply can set your mind to and do it without the help of the community. It means streaming twice a week for over an hour to get the eight hours and seven instances in place.

With a niche subject (Live Coding is already a niche subject on its own on Twitch) such as Office Development, coding in general, it is extra hard to get someone’s attention on Twitch. Twitch is more focused on gaming where streamers are sharing their gameplay on stream.

Twitch is not actively pushing content under the noses of people, so you must build your own attention to your channel. Next step is to reach the fifty followers and average of three viewers. Especially the last part, getting an average of three viewers during the full eight hours is tough. People quickly visit and leave after watching for a while, and as it is a chicken-egg issue (more viewers give more interaction making it more interesting to join in and stick around) they usually zap over to other channels after watching a few minutes. If lucky you get them to follow you and show up again at a later session.

In the last week of the year, I was lucky another developer channel on Twitch, going by the name of “one1lion”, to raid my channel when he ended streaming for the day and that gave exposure to my channel from another direction. I really appreciate him doing that for me and make sure you visit his channel; you can learn a thing or two from that.

Anyway, 2022 started with a blast for me, let’s see where we go this year and check in at my now Twitch Affiliate channel and hit the follow button!

Moving Day

foto by @crystalmariesing via Twenty20

I have been preparing this for some time now, but still in progress … I moved my personal blog from www.maartenvanstam.nl to the Soft as in Software blog.softasinsoftware.com. In fact, the old blog still exists but as you are reading this, new posts will only appear on this address: blog.softasinsoftware.com.

The purpose of this blog is that it will match my ‘new’ media where my blog will match my video streams on my Soft as in Software YouTube channel, and my Soft as in Software Twitch channel. Don’t forget to subscribe to the YouTube channel or follow the Twitch channel while you are at it 😉.

I have picked up Live Coding again on YouTube and Twitch where I currently focus on Office Add-in development and Blazor Web Assembly development.

With Office Add-in development the focus is on the OfficeDev PnP repo monitored by Microsoft. This repo needs some serious attention to get it up to a decent quality standard. Some samples are outdated, new samples are needed, so in short much to do there. If you are into that feel free to join me on that.

For Blazor Web Assembly the goal is to rebuild my Soft as in Software landing page. This will be my main source related to the Soft as in Software ‘brand’ if you like. Even this blog will be available from that site. So, if you forgot where to find my blog, simply go the Soft as in Software landing page where you can find the blog in one of the menu items.

With this quick post I re-open my blog and if you are into Office Development (this is a huge area so keep coming back for one or more Office Development updates) or .NET/Blazor minded this blog, my videos on YouTube or Live Stream on YouTube and Twitch might interest you as well.

I have so many plans with this, I am looking forward to a new fresh start and I like to make this interactive, so if you want to share your comments or work with me on the repos, just holler and we’ll see how we can get this going.

In my next blog I will get into some more details on what happened and get into my plans for all of this. Stay tuned!

Fixing Outlook 2016 with MS Support and Recovery Assistant

image

I had issues adding a specific Office365 email account to my Outlook 2016 desktop application on one of my machines for a while now. Giving me the "something went wrong and outlook couldn’t set up your account. please try again. if the problem continues, contact your email administrator." message and no options to add information manually in Outlook 2016.

So with the new year I decided to give it another go and see if I could solve it looking at it with a fresh mindset.

I’m not the only one given the posts like this one:
https://community.spiceworks.com/topic/2026831-unable-to-setup-office-365-mail-account-on-outlook-2016

The post above however didn’t provide me with a solution so I searched a little bit further until I ran into this little gem:

https://support.office.com/en-us/article/about-the-microsoft-support-and-recovery-assistant-e90bb691-c2a7-4697-a94f-88836856c72f

It runs you through a series of questions and analyses the settings (for Outlook 2016 and Office365 in this case) to find that it had issues getting the mail properties, fixed it and created a new Outlook profile that actually worked!

I wanted to get the email account in the existing profile however, but that wasn’t an issue either anymore … Just went over the process of adding the new email account like I used to and now it magically added the account without issues at all. Apparently it also changed something on my Outlook installation but who cares. I finally got my long failing email account to work in 2020 … how is that for a Happy 2020

Happy 2020

It’s been a while, almost year, here … and whenever there is a new year, we pick up our resolutions from last year and see what we can do that we missed progressing the past year. Blogging is one of these things … so let’s pick this up again for now and see where it ends.

In my professional work I’ve been limited in doing things programmer-wise, more a people manager than coding manager at this time. Trying to get our foreign team up and running and at sometimes actually deliver some products. Doing so means I have almost no time at all to do programming.

For this reason, I decided to go on and do the Live Coding thing. Forcing me to go live in front of a camera and coding live on screen is pushing me to keep my coding skills on par. Not easy as what you learn today is outdated tomorrow, but boy … the things you can do in code these days are absolutely amazing!

So join me in my Live Coding sessions on Twitch. You can find my channel here:

https://twitch.tv/MaartenVanStam

Hit the follow button if you are, like me, too lazy to look up the broadcast schedule so you get notified whenever I get online to do the Programming Thing.

At this time I’m working on two main topics:

· Office Development (Who would have guessed?) where I’m trying to do the same things that I was able to do using VSTO to build my Add-ins. Spoiler Alert: You can’t do everything you were able to do with VSTO, but you can do some cool shit anyway …

· Blazor Web Development, building web sites using C# and .NET Core … where Office moved away from .NET to Web Technologies .NET did exactly the other way around and is now focusing on Web Technologies!

Let me know what you think about all these new and not so recent technologies … will they save the world?

Office Development – Live Coding

SDN Cast - Live Coding - Office Development 1

Last two years I have been webcasting every Thursday at 8PM GMT+1/CET on our SDN Cast with my buddies Marcel Meijer, Fanie Reynders and recently added as fourth member Gerald Versluis. In this webcast we on a weekly base discuss the news, events on Software Development and added some demos. Usually the webcast was in Dutch but when we had international guests we shifted to English.

Running the webcast is fun, informal and sometimes high level on discussions when talking about Software Development. Last couple of weeks Fanie Reynders and I have been researching to extend our webcasts with actual live coding sessions. Fanie is focusing on his expertise dotNET Core and I am focusing on Office Development.

Hopefully we will also bring in Gerald Versluis coding on Xamarin and related stuff.

So, starting last Tuesday I started (and planned to do this every next Tuesday in the upcoming weeks) my first Live Coding session on Office Development. Basically I started with where I started blogging about the ‘new’ Office Add-ins

Older Office Development Blog Posts starting here:

https://maartenvanstam.wordpress.com/2017/07/20/office-development-2017/

A lot of time went by, and what I liked to do is looking back on my blogposts and see if they still can stand the shift in time all the way to 2019.

In my first Live Coding session I immediately jumped in to building the first Word Add-in in two ways, one in Visual Studio 2019 (Preview!) and one using Yeoman. I did realize however that I probably should have discussed a bit of starting information first, just like I did in my blog posts. I might jump back a bit in the next Live Coding session next Tuesday February 5 (Click <- to see when this will be in your location)

SDN Cast - Live Coding - Office Development 1 YouTube 

You can find the recording of my first Live Coding session here on YouTube:
https://www.youtube.com/edit?video_id=QivUh9Kyyos

Also you can find another recording on Twitch:
https://www.twitch.tv/videos/371899703##

If you want to follow our Live Coding events (and other SDN Cast webcasts) make sure you subscribe on YouTube or follow me on Twitch!

My weekly Live Coding – Office Development webcasts will always be in English (as far as my English goes that is, pretty sure you’ll get the Dutch dialect for free Smile) so everyone in theory should be able to follow what I am doing. It is still work in progress.

Fanie and I are still researching and working on the streaming tools, there is a lot going on producing live webcasts so don’t kill us if we get a crappy chatroom or other bad widgets in the first couple of weeks Winking smile.

Hope to see you in our next Live Coding sesions!

“Let’s Encrypt” Azure Web Apps (and renew your certs through automation!)

We already ran into this twice, our @SDNCast website was down again as our SSL-certificates expired. The certificates are only valid for three months by default so every time after three months this would happen again.

Also, and Google actively started to ‘block’ so called ‘unsafe’ websites as of today, more and more browsers will refuse to open these ‘unsafe’ websites, so we had to find a solution for our beautiful website to keep our website containing our weekly SDN Cast recordings in the air.

If you think, as I did until today, that your website does not contains information that you need to protect by using HTTPS, think again! The point is, it is not that you are leaking information, but it allows others to inject information into -your- website that could be malicious or simply incorrect.

To convince you, watch this video from @TroyHunt :
https://www.troyhunt.com/heres-why-your-static-website-needs-https

I won’t go much into detail on what HTTPS (HTTP Secure) is or what SSL or TLS is. There has already been written enough on this that you can find on the Interwebs, but I’ll add some reference links below this article in order for you to look at if you want to know more about it. For now, it’s just about how to get it to work and make sure that it keeps working.

Our SDN Cast website runs in the ‘Cloud’, in Azure to be precise, and runs there as an App Service. It appears that there is an extension available that allows you to request for an SSL certificate and keeps it up to date even after three months so it automagically renews the certificate when needed.

This extension uses the services of Let’s Encrypt.

Let’s Encrypt is a free, automated and open Certificate Authority (CA) and was specifically created to support the public in providing free certificates. It’s a service provided by the Internet Security Research Group (ISRG). The idea is to get at as many places as possible with not too much effort and most and for all at no costs to provide the Internet with digital certificates to build a safer and privacy respecting Web.

What do you need to do?

· Get an SSL-certificate supporting App Service

· Create a Service Principal

· Allow the Service Principal access to your App Service

· Create a Storage Account

· Install the Let’s Encrypt Extension

· Configure the Extension

Supporting SSL and Custom Domains

Not all App Service levels allow you to use Custom Domains and/or SSL. So, make sure you are on the right level of your selected App Service and see if you can use it on your level. If not? Level Up! It’s still relatively cheap and the chance is that you already in the right level but just did not enable it. Well that changes today!

clip_image002

In general, you can say that the Basic Tiers are offering the options already. The Free and Shared Tier are not supporting this at the time of writing so if you selected that one previously you will need to scale up and upgrade to a higher Tier to enable this.

Create a Service Principal

To allow you to request or renew certificates without the touch of a Human you will appoint a Contributor to your App Service that you create in your Azure Active Directory. So, what you are doing is creating a Service Principal (a set of credentials) that will allow you to do the work for you whenever a new certificate is needed through automation.

1. Open Azure Active Directory (make sure you work from the right tenant and select the tenant where the App Service is located if you have more than one tenant)

clip_image003

2. Go to App registrations and create a New Application Registration

clip_image004


clip_image006


Make sure you selected All apps in your List box, otherwise you won’t see the registration after creating the registration:

clip_image007


In the process of creating the Application Registration you enter the Name for the Service Principal, select Web app/API at Application Type and think of a specific URL to enter at Sign-on URL.

This URL is not validated so it can be any sub domain for the site you are creating your SSL-certificates for. In my example I used https://letsencrypt.devworld.nl , a non-existing URL.

3. Create the Application Registration

clip_image008


After creating your Registration it will appear in the list:

clip_image010


The Service Principal is unique identified by the Application ID. Take a note, write it down, you’ll need it later.
Select the Application Registration and in the screen that opens select Settings:

4. Create a Key

clip_image011


Under Settings select the option Keys. We now will add a Key that will be used to authenticate the Service Principal. 

clip_image012


Enter the Description, think about the lifetime for expiring – how long do you want the Key to be valid and click Save. On saving the Key the Value will be generated. Again, make sure you write down this value as you will need it later in the process. If you don’t and/or forgot the Value, you will need to create another one as they can’t be handed to you after closing (and try to remember this time!). 

clip_image014

That’s all, the Service Principal has been created and now we assign it to the Resource Group running the App Service to allow the Service Principal to access the Resources.

Providing access to the Service Principal

Now you created the Service Principal it should get access rights as a “Contributor” to the Resource Groups containing the App Service Plan and the App Service. If they are both in separate Resource Groups add the Service Principal to both Resource Groups.

1. Open Access Control at the Resource Group

clip_image015

2. Click Add to add the Service Principal as ‘Contributor’ of the Resource Group:

clip_image016

3. Enter the Role by selecting the Contributor role, providing access to Azure AD user, group, or application and select the Service Principal you just created by selecting it from the list under Select:

clip_image017

4. Click Save to assign the permissions:
clip_image018

Create a Storage Account

To keep track of the certificate state Let’s Encrypt extension uses a Storage Account. You need to create this if you haven’t already done so (you could use an existing Storage Account, but it needs to be one of the Generic types, Blob Storage alone is not enough).

1. Create the Storage Account.

Select from the list of Azure Resources the Storage Account Option and create it

clip_image020

2. As said, make sure the Storage Account kind is created with Generic Purpose.

clip_image021

3. Copy the Connection string from the first key key1, this value will provide access for the Let’s Encrypt extension to the Storage Account. Select and copy the Connection string (there is a lot to remember as you can see .

clip_image022

4. Go to your App Service and select Application Settings:

clip_image024

5. Now add two twee Connection strings with the names: AzureWebJobsDashboard en AzureWebJobsStorage
Each of these settings will be in the form of
DefaultEndpointsProtocol=https;AccountName=[myaccount];AccountKey=[mykey];

Make sure your connection strings don’t end with the part EndpointSuffix=core.windows.net. This -is- part of the Connection String you just created at the storage account, but you need to remove this to make it work otherwise it will fail.

clip_image026

Add the Let’s Encrypt Extension

Now that we have done all the preparations, it all looks very complex but if you look back afterwards it will become a bit clearer to you and you’ll see why it was needed.

1. Select the option Extensions from your App Service options and click Add to select the extension:

clip_image027

2. Select the Azure Let’s Encrypt extension. There used to be three, there are now only two, the one without and the one with Web job that takes care of renewing the certificate. At the time there where three where the story goes that the 64 bits version wasn’t all too stable. At that time, I selected the 32 bits version but today there is just the option to pick the extension with the Webjob:

clip_image029

3. Accept the Legal Terms by clicking OK

clip_image030

4. And another OK to finalize it

clip_image031


The extension has now been added to the App Service but to properly initialize and run it you need to restart the App Service otherwise you’ll see some issues in the next few steps.

clip_image033

5. Open the selected extension that you just added and click the Browse button to fill out the properties needed for it to run: 

clip_image034

6. Entering all the authentication properties needed to run the WebJob properly is our next step. These will be added by the extension to the App Service.

clip_image036

7. Tenant ID, this is the tenant ID that belongs to the Resource Group and looks like yourdomain.onmicrosoft.com.

clip_image037

8. Subscription ID is the ID of the Azure Subscription, you can find this on the Subscriptions Blade:
https://portal.azure.com/#blade/Microsoft_Azure_Billing/SubscriptionsBlade

9. Client ID is the Application ID of the Service Principal that you wrote down earlier in one of the steps above.

10. Client Secret is the Service Principal Key that you kept for later use just like the Application ID.

11. Enter the Resource Group name of the App Service and the Service Plan. Usually they will be the same, if not enter them separately for each Resource Group.

12. The WebAppName is already there by default, the SiteSlotName can be kept empty and the Update Application Settings should be enabled by checking the checkbox to checked.

13. Make sure everything is entered properly and click Next:

clip_image039

14. At this time the settings will be applied:

clip_image040

15. An overview is shown with the settings that it found. At this time, you should see the Custom Domain names applicable. Right now, they are still not bound to SSL because the certificates need to be assigned. Click Next …

clip_image042


At this time you will start to request and install the actual certificates for you App Service. Select the Hostnames where you want the certificates to be activated and enter the email address where you want to receive any notifications related to this registration when they expire so you can check if you don’t trust the process. Click
Request and Install Certificate

clip_image044


If all went as it should go you should now get an overview where you can see the requested hostnames now provided with SSL bindings and the certificates!

clip_image046

Results

It’s time to check the results to see if everything is the way we would expect. Let’s check the website and see if it now is ‘safe’:

clip_image047

As we can see on my test-website that I used it is now provided with the “Safe” symbol, the green lock and it appears to have a Valid Certificate attached to the website. We reached our goal, we secured our website with a certificate. Let’s have a look at the certificate:

clip_image049

We now see that the certificate is published by Let’s Encrypt Authority X3 and is about valid for three months (in fact, exactly three months but the image is from the date I initially created the image in my Dutch article that I published in our Dutch SDN Magazine).

Looking at the SSL-settings on the App Service we can also see that the certificate has been attached and the SSL-bindings are in place related to the certificate.

clip_image051

Now if you look at Application Settings on the App Service you’ll see that many of the settings that you’ve seen earlier when creating the added extension now returned in a list of “Let’s Encrypt” variables. Inspecting them will show you that this information is also used at the certificate itself.

clip_image053

Last check will be at the created Webjob to see if this one is also active. The Webjob should be running to be able to renew the certificate in three months.

clip_image055

Here however we see a message on the page that indicates the App Service should be “Always on” for it to run properly. Therefore, click the link in the message to go the specific setting to enable the Always On option.

clip_image056

As a real final step, you also need to check the HTTPS Only setting is enabled at the Custom Hostnames settings to make sure the website is always accessed over HTTPS:

clip_image058

If you look at it from here we’ve been going over a lot of steps but if you do it properly it’s quite logical. Now all we can do is wait for three months to see if your certificates really are renewed. If all goes well we won’t need to create our certificates anymore, no manual tasks and no administration to keep track of the certificates (unless you set a time limitation on the Principal Key )

References:

HTTPS: https://en.wikipedia.org/wiki/HTTPS

Let’s Encrypt: https://letsencrypt.org

Maarten van Stam

Manager at Deloitte Accountants and responsible for Software Development in the Professional Practice Department.
Also Software Engineer, Solution Architect, MVP, Technology Watcher, Member of Microsoft Office 14 Developer Advisory Council, Organizer in Software Development Network user group community, Web Caster and speaker at developer events and much, much more!

LinkedIn:
https://www.linkedin.com/in/aafvstam/

%d bloggers like this: