Your app is legendary, our renewal process with your app, ps scripts and uploading to Azure Key Vault and then running ps scripts on there for our app services works so well
I have a question around timing for auto renewal. I saw someone previously posting about this and you mentioned in your post that you were building a feature for a Deferred Deployment option, is that coming in soon? I currently run version 5.3.2.0 . Obviously reasoning behind this is I want to sync the time of renewal and tasks happening on our server using CertifyTheWeb with our scheduled tasks running on Azure.
Is the other option you specified previously to just have āCert Store Onlyā deployment option and then move my deployment tasks to windows scheduled tasks? Iāll be keep my āUpload To Azure Key Vaultā task as that wonāt effect our process but cert binding tasks etc I will have to move.
If you already have deployment tasks configured in Cerify and you want to control when they are runā¦ just set the trigger to Manual (run using UI or command line).
A commandline box will appear that you can copy into Windows Task Scheduler pointing at Certify.exe. This way you donāt have to rip out any already working tasks. You just trigger when they run differently.
Iāve never done this, but Iām 90% sure this is how it works. I think the certify in the box is the EXE name and not part of the arguments you give Task Scheduler.
@jljtgr is exactly right. So ideally you want your actual cert renewals to happen when they can (as you cannot rely on services like Letās Encrypt to always issue a certificate when you want it to - their service can be down etc). So you shouldnāt wait for your maintenance window before attempting that.
For scheduled deployment, deployment to any services that need restarted can be controlled using your own scheduled task or run manually during a planned maintenance window.
Note that auto deployment to IIS is only part of the standard deployment and canāt currently be deferred like other task can.