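        /// <summary>
        /// Loads every configuration and attempts a renewal for each certificate it lists.
        /// A failure on one certificate is logged and collected so the remaining certificates are still processed.
        /// </summary>
        /// <param name="overrides">Overrides applied to every certificate; <c>null</c> is replaced by <c>Overrides.None</c>.</param>
        /// <param name="executionContext">Passed through to the configuration loader.</param>
        /// <param name="cancellationToken">Passed to the configuration loader and to each renewal call.</param>
        /// <exception cref="AggregateException">At least one certificate failed; the inner exceptions are the individual failures.</exception>
        private async Task RenewAsync(
            Overrides overrides,
            ExecutionContext executionContext,
            CancellationToken cancellationToken)
        {
            var configurations = await _configurationLoader.LoadConfigFilesAsync(executionContext, cancellationToken);

            var stopwatch = new Stopwatch();
            // with lots of certificate renewals this could run into function timeout (10mins)
            // with 30 days to expiry (default setting) this isn't a big problem as next day all unfinished renewals are continued
            // user will only get email <= 14 days before expiry so acceptable for now
            var errors = new List<Exception>();

            foreach ((var name, var config) in configurations)
            {
                using (_logger.BeginScope($"Working on certificates from {name}"))
                {
                    foreach (var cert in config.Certificates)
                    {
                        stopwatch.Restart();
                        var hostNames = string.Join(";", cert.HostNames);
                        // The same overrides instance is written onto every certificate object.
                        cert.Overrides = overrides ?? Overrides.None;
                        try
                        {
                            _logger.LogInformation($"await _renewalService.RenewCertificateAsync(config.Acme, cert, cancellationToken) {cert.TargetResource.Name}");
                            var result = await _renewalService.RenewCertificateAsync(config.Acme, cert, cancellationToken);

                            switch (result)
                            {
                            case RenewalResult.NoChange:
                                _logger.LogInformation($"Certificate renewal skipped for: {hostNames} (no change required yet)");
                                break;

                            case RenewalResult.Success:
                                _logger.LogInformation($"Certificate renewal succeeded for: {hostNames}");
                                break;

                            default:
                                // The single-string constructor treats its argument as the parameter name,
                                // so name the variable and pass the unexpected value separately.
                                throw new ArgumentOutOfRangeException(nameof(result), result, "Unexpected renewal result");
                            }
                        }
                        catch (Exception e)
                        {
                            // NOTE(review): this also catches OperationCanceledException, so after cancellation
                            // the loop keeps attempting the remaining certificates - confirm that is intended.
                            _logger.LogError(e, $"Certificate renewal failed for: {hostNames}!");
                            errors.Add(e);
                        }
                        _logger.LogInformation($"Renewing certificates for {hostNames} took: {stopwatch.Elapsed}");
                    }
                }
            }
            if (!configurations.Any())
            {
                _logger.LogWarning("No configurations where processed, refere to the sample on how to set up configs!");
            }
            if (errors.Any())
            {
                // Surface every collected failure at once so the caller sees the run as failed.
                throw new AggregateException("Failed to process all certificates", errors);
            }
        }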
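        /// <summary>
        /// Loads every configuration and, for each certificate entry, opens an HTTPS request to its first
        /// host name so the server certificate passes through <c>ValidateTestServerCertificate</c>.
        /// Failures are logged and collected so the remaining entries are still checked.
        /// </summary>
        /// <param name="executionContext">Passed through to the configuration loader.</param>
        /// <param name="cancellationToken">Passed to the configuration loader; the HTTPS probes themselves do not observe it.</param>
        /// <exception cref="AggregateException">At least one probe failed; the inner exceptions are the individual failures.</exception>
        private async Task CheckDomainsForValidCertificateAsync(
            ExecutionContext executionContext,
            CancellationToken cancellationToken)
        {
            var configurations = await _configurationLoader.LoadConfigFilesAsync(executionContext, cancellationToken);

            // The previous version also created an HttpClient here that was never used or disposed.
            var errors = new List<Exception>();

            foreach ((var name, var config) in configurations)
            {
                using (_logger.BeginScope($"Checking certificates from {name}"))
                {
                    foreach (var cert in config.Certificates)
                    {
                        var hostNames = string.Join(";", cert.HostNames);
                        try
                        {
                            // Only the first host name of the entry is probed, although the log lines
                            // below list all of them; the other names are not verified here.
                            var request = WebRequest.CreateHttp($"https://{cert.HostNames.First()}");

                            // The verdict of this check is whatever this callback returns. It is defined
                            // outside this method - NOTE(review): confirm it rejects on policy errors
                            // instead of accepting every certificate.
                            request.ServerCertificateValidationCallback += ValidateTestServerCertificate;

                            // Await the response instead of blocking a thread inside an async method.
                            // The response body is not needed, so it is disposed immediately.
                            // NOTE(review): an HTTP error status presumably also surfaces as an exception
                            // here and would be reported as a certificate failure - verify.
                            using (var response = (HttpWebResponse)await request.GetResponseAsync()) { }
                        }
                        catch (Exception e)
                        {
                            _logger.LogError(e, $"Certificate check failed for: {hostNames}!");
                            errors.Add(e);
                            continue;
                        }
                        _logger.LogInformation($"Certificate for {hostNames} looks valid");
                    }
                }
            }
            if (!configurations.Any())
            {
                _logger.LogWarning("No configurations where processed, refere to the sample on how to set up configs!");
            }
            if (errors.Any())
            {
                // Surface every collected failure at once so the caller sees the run as failed.
                throw new AggregateException("Failed to process all certificates", errors);
            }
        }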