Configure the RCL SSL AutoRenew Function App


In this section, you will configure the RCL SSL AutoRenew Function app.

Register an AAD Application

An Azure Active Directory (AAD) application must be registered to obtain permission to access a user’s Azure resources (Key Vault, DNS Zone, App Services) in a Subscription. Please refer to the following link for instructions on how to register the AAD application:

Set Access Control for the AAD application

Access control must be set for the AAD application to access resources in a user’s Azure Subscription (Key Vault, DNS Zone, App Services). Please refer to the following link for instructions:

Get the AAD Credentials

Please refer to the link below to get the following AAD credentials :

- Client Id
- Client Secret
- Tenant Id

To configure the function app :

Add the Configuration variables

  • Open the function app and click on ‘Configuration’


Update the following configuration entries with the credentials from the AAD application :

  • RCLSDK:ClientId - the AAD App Client Id
  • RCLSDK:ClientSecret - the AAD App Client Secret
  • RCLSDK:TenantId - the AAD App Tenant Id



  • Scroll down and copy the ‘Subscription Id’ for configuration purposes


  • In the Function App configuration page, add the ‘Subscription Id’ value to the RCLSDK:SubscriptionId configuration entry


  • In the Function App configuration page, add the certificate(s) that you would like to renew in the CertificateBot:IncludeCertificatesArray configuration entry

  • You can add a single certificate by its name, or multiple certificates separated by semi-colons (;)

Example single certificate


Example single SAN certificate


Example multiple certificates



  • Click the ‘Save’ button when you are done

Add the Client Id in the RCL Portal

The AAD Application must be registered in the RCL SSL Portal to associate the AAD application to a user’s RCL SSL subscription.

To add the AAD Application’s Client Id to the portal, please follow the instructions in this link :

Next Step