Azure LetsEncrypt extension cannot access .well-known/acme-challenge in Umbraco app

Turns out the problem has to do with the fact that the ACME challenge files are extensionless and the Umbraco pipeline tries to route all extensionless requests to a document within the CMS using OWIN.

James Dibble has written an excellent guide for how to create an OWIN configuration file to intercept any requests to "/.well-known" and serve up the ACME challenge files instead:

https://www.jdibble.co.uk/blog/using-letsencrypt-with-umbraco

You can find the gist of his code here:

https://gist.github.com/dibble-james/f47b0cba3494381588482c7f185861bf

One thing that was left out of his tutorial was that I also had to install the Microsoft.Owin.StaticFiles package. I also didn't know what he meant by "update the owin:appStartup app setting in your web.config," because I've never used OWIN before. If you just copypasta his code, then you'll want to change your setting from this:

    <add key="owin:appStartup" value="UmbracoDefaultOwinStartup" />

To this:

    <add key="owin:appStartup" value="Startup" />

Here's a detailed article as to why:

http://www.asp.net/aspnet/overview/owin-and-katana/owin-startup-class-detection
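
A sketch of the kind of OWIN startup class the answer above describes, added here as an example; it is not the linked gist or code from the original answer. The `MySite` namespace and the on-disk folder are assumptions, and the static-file middleware is scoped to the `acme-challenge` folder so that unknown (extensionless) file types are served nowhere else on the site.

```csharp
// Requires the Microsoft.Owin.StaticFiles NuGet package mentioned above.
using Microsoft.Owin;
using Microsoft.Owin.FileSystems;
using Microsoft.Owin.StaticFiles;
using Owin;
using Umbraco.Web;

// The friendly name "Startup" is what the owin:appStartup app setting
// in web.config refers to once it is changed to value="Startup".
[assembly: OwinStartup("Startup", typeof(MySite.Startup))]

namespace MySite // assumed namespace, use your project's own
{
    public class Startup : UmbracoDefaultOwinStartup
    {
        public override void Configuration(IAppBuilder app)
        {
            // Register the static-file middleware before Umbraco's own
            // OWIN configuration so challenge requests are answered here.
            app.UseStaticFiles(new StaticFileOptions
            {
                // Only this URL prefix is handled by the middleware.
                RequestPath = new PathString("/.well-known/acme-challenge"),

                // Assumed location of the challenge files; a relative root
                // is resolved against the application's base directory.
                FileSystem = new PhysicalFileSystem(".well-known/acme-challenge"),

                // ACME challenge files have no extension, so they have no
                // known content type and would otherwise not be served.
                ServeUnknownFileTypes = true
            });

            // Keep the default Umbraco OWIN setup (back-office auth etc.).
            base.Configuration(app);
        }
    }
}
```

Keeping `RequestPath` and `FileSystem` pointed at the challenge folder rather than the site root limits `ServeUnknownFileTypes` to the files the ACME client writes there.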


In the web.config file for the site, add ~/.well-known to the umbracoReservedPaths element and Let's Encrypt will be able to access the verification URL.

    <add key="umbracoReservedPaths" value="~/umbraco,~/.well-known" />

I just write the verification file as an index.html in the required folder and have the following rewrite rule so it serves the HTML file:

    <rule name="AcmeChallenge" patternSyntax="Wildcard">
      <match url=".well-known/acme-challenge*" />
      <action type="Rewrite" url="{R:0}/index.html" />
    </rule>