Skip to content

Commit

Permalink
Let's Encrypt certificates are issued by R3, R4, E1 or E2 now
Browse files Browse the repository at this point in the history
  • Loading branch information
jaykay-design committed Jan 14, 2021
1 parent 6b9f2e1 commit 973a707
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 3 deletions.
6 changes: 5 additions & 1 deletion LetsEncrypt.SiteExtension.Core/CertificateManager.cs
Original file line number Diff line number Diff line change
Expand Up @@ -138,7 +138,11 @@ public async Task<List<CertificateInstallModel>> RenewCertificate(bool skipInsta
body = await response.Content.ReadAsStringAsync();
IEnumerable<Certificate> certs = ExtractCertificates(body);

var expiringCerts = certs.Where(s => s.ExpirationDate < DateTime.UtcNow.AddDays(renewXNumberOfDaysBeforeExpiration) && (s.Issuer.Contains("Let's Encrypt") || s.Issuer.Contains("Fake LE")));

var issuerNames = new[] { "Fake LE", "Let's Encrypt", "R3", "R4", "E1", "E2" };
var letsEncryptCerts = ExtractCertificates(body).Where(s => issuerNames.Any(i => s.Issuer.StartsWith(i, StringComparison.InvariantCulture)));

var expiringCerts = certs.Where(s => s.ExpirationDate < DateTime.UtcNow.AddDays(renewXNumberOfDaysBeforeExpiration) && issuerNames.Any(i => s.Issuer.StartsWith(i)));

if (expiringCerts.Count() == 0)
{
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -88,8 +88,9 @@ public async Task<List<string>> RemoveExpired(int removeXNumberOfDaysBeforeExpir
{
var certs = webSiteClient.Certificates.ListByResourceGroup(azureEnvironment.ServicePlanResourceGroupName);
var site = webSiteClient.WebApps.GetSiteOrSlot(azureEnvironment.ResourceGroupName, azureEnvironment.WebAppName, azureEnvironment.SiteSlotName);

var tobeRemoved = certs.Where(s => s.ExpirationDate < DateTime.UtcNow.AddDays(removeXNumberOfDaysBeforeExpiration) && (s.Issuer.Contains("Let's Encrypt") || s.Issuer.Contains("Fake LE")) && !site.HostNameSslStates.Any(hostNameBindings => hostNameBindings.Thumbprint == s.Thumbprint)).ToList();

var issuerNames = new[] { "Fake LE", "Let's Encrypt", "R3", "R4", "E1", "E2" };
var tobeRemoved = certs.Where(s => s.ExpirationDate < DateTime.UtcNow.AddDays(removeXNumberOfDaysBeforeExpiration) && issuerNames.Any(i => s.Issuer.StartsWith(i, StringComparison.InvariantCulture)) && !site.HostNameSslStates.Any(hostNameBindings => hostNameBindings.Thumbprint == s.Thumbprint)).ToList();
foreach (var cert in tobeRemoved)
{
await RemoveCertificate(webSiteClient, cert);
Expand Down

0 comments on commit 973a707

Please sign in to comment.