github
/
acme.sh
mirror of https://github.com/acmesh-official/acme.sh
1
0
Fork 0
Code Issues Releases Wiki Activity

Add note about acme.sh and azure function managed identities

master
techknowlogick 2025-03-31 10:42:50 -04:00
parent d1c18011cc
commit 82bc5b57a6
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
dnsapi.md

@ -1041,6 +1041,8 @@ Before running acme.sh following variables need to be set:
Issuing certificates using managed identity clears previously set settings: `AZUREDNS_TENANTID`, `AZUREDNS_APPID`, `AZUREDNS_CLIENTSECRET`.
`AZUREDNS_SUBSCRIPTIONID` and `AZUREDNS_MANAGEDIDENTITY` will be saved in ~/.acme.sh/account.conf for future use.
Azure App Service and App Functions have an [alternative process](https://learn.microsoft.com/en-us/azure/app-service/overview-managed-identity?tabs=portal%2Chttp#rest-endpoint-reference) to fetch managed identities. When running acme.sh in either, they will use the `IDENTITY_ENDPOINT` and `IDENTITY_HEADER` environment variables that are injected into the service to fetch the managed identity token.
### Use provided Bearer token
If you want to use Entra Workload ID in a GitHub Action or similar CI/CD scenarios, you have to use a provided Bearer token.