public async Task<X509Certificate2> GetCertificate(string[] domainNames) { // TODO Create a double lock around this using another option method so this does not get // run on multiple machines at the same time... X509Certificate2 cert = null; byte[] pfx = await options.RetrieveCertificate(domainNames.First()); if (pfx != null) { cert = new X509Certificate2(pfx, options.AcmeSettings.PfxPassword); if (cert.NotAfter - DateTime.UtcNow < TimeSpan.FromDays(14)) { // Request a new cert 14 days before the current one expires pfx = await RequestNewCertificate(domainNames, options.AcmeSettings, options.SetChallengeResponse); if (pfx != null) { await options.StoreCertificate(domainNames.First(), pfx); cert = new X509Certificate2(pfx, options.AcmeSettings.PfxPassword); } } } else { pfx = await RequestNewCertificate(domainNames, options.AcmeSettings, options.SetChallengeResponse); if (pfx != null) { await options.StoreCertificate(domainNames.First(), pfx); cert = new X509Certificate2(pfx, options.AcmeSettings.PfxPassword); } } return cert; }