Merge pull request #382 from jaykay-design/new_issuer

Let's Encrypt certificates are issued by R3, R4, E1 or E2 now
sjkp · Feb 15, 2021 · 1d709a3 · 1d709a3
2 parents 6b9f2e1 + 973a707
commit 1d709a3
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 3 deletions.
diff --git a/LetsEncrypt.SiteExtension.Core/CertificateManager.cs b/LetsEncrypt.SiteExtension.Core/CertificateManager.cs
@@ -138,7 +138,11 @@ public async Task<List<CertificateInstallModel>> RenewCertificate(bool skipInsta
                 body = await response.Content.ReadAsStringAsync();
                 IEnumerable<Certificate> certs = ExtractCertificates(body);
 
-                var expiringCerts = certs.Where(s => s.ExpirationDate < DateTime.UtcNow.AddDays(renewXNumberOfDaysBeforeExpiration) && (s.Issuer.Contains("Let's Encrypt") || s.Issuer.Contains("Fake LE")));
+
+                var issuerNames = new[] { "Fake LE", "Let's Encrypt", "R3", "R4", "E1", "E2" };
+                var letsEncryptCerts = ExtractCertificates(body).Where(s => issuerNames.Any(i => s.Issuer.StartsWith(i, StringComparison.InvariantCulture)));
+
+                var expiringCerts = certs.Where(s => s.ExpirationDate < DateTime.UtcNow.AddDays(renewXNumberOfDaysBeforeExpiration) && issuerNames.Any(i => s.Issuer.StartsWith(i)));
 
                 if (expiringCerts.Count() == 0)
                 {

diff --git a/LetsEncrypt.SiteExtension.Core/Services/WebAppCertificateService.cs b/LetsEncrypt.SiteExtension.Core/Services/WebAppCertificateService.cs
@@ -88,8 +88,9 @@ public async Task<List<string>> RemoveExpired(int removeXNumberOfDaysBeforeExpir
             {
                 var certs = webSiteClient.Certificates.ListByResourceGroup(azureEnvironment.ServicePlanResourceGroupName);
                 var site = webSiteClient.WebApps.GetSiteOrSlot(azureEnvironment.ResourceGroupName, azureEnvironment.WebAppName, azureEnvironment.SiteSlotName);
-
-                var tobeRemoved = certs.Where(s => s.ExpirationDate < DateTime.UtcNow.AddDays(removeXNumberOfDaysBeforeExpiration) && (s.Issuer.Contains("Let's Encrypt") || s.Issuer.Contains("Fake LE")) && !site.HostNameSslStates.Any(hostNameBindings => hostNameBindings.Thumbprint == s.Thumbprint)).ToList();
+
+                var issuerNames = new[] { "Fake LE", "Let's Encrypt", "R3", "R4", "E1", "E2" };
+                var tobeRemoved = certs.Where(s => s.ExpirationDate < DateTime.UtcNow.AddDays(removeXNumberOfDaysBeforeExpiration) && issuerNames.Any(i => s.Issuer.StartsWith(i, StringComparison.InvariantCulture)) && !site.HostNameSslStates.Any(hostNameBindings => hostNameBindings.Thumbprint == s.Thumbprint)).ToList();
                 foreach (var cert in tobeRemoved)
                 {
                     await RemoveCertificate(webSiteClient, cert);