private async Task <bool> ShouldRenew(string cert, string[] hostnames) { var info = await certStore.GetCertInfo(cert); if (info == null) { logger.LogInformation("Renwing '{0}' as no existing cert info was found", cert); return(true); } if ((info.Expiration - DateTimeOffset.UtcNow) < TimeSpan.FromDays(CertExpirationThreshold_Days)) { logger.LogInformation("Renwing '{0}' as existing cert is nearing expirtation", cert); return(true); } if (NameMatchesHost(hostnames.First(), info.SubjectName) == false) { logger.LogInformation("Renwing '{0}' as existing cert subject name does not match first host of '{1}'", cert, hostnames.First()); return(true); } var allMatchSan = hostnames.All(h => NameMatchesHost(h, info.SubjectAlternativeNames)); if (allMatchSan == false) { logger.LogInformation("Renwing '{0}' as all hostnames are not contained in cert SAN", cert); return(true); } return(false); }