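        /// <summary>
        /// Decides whether the certificate stored under <paramref name="cert"/> must be
        /// (re)issued, based on the metadata returned by <c>certStore.GetCertInfo</c>.
        /// </summary>
        /// <remarks>
        /// Renewal is requested when any of the following holds, checked in this order:
        /// no stored cert info exists; the time left until <c>info.Expiration</c> is below
        /// <c>CertExpirationThreshold_Days</c>; the first requested hostname does not match
        /// the subject name; or at least one requested hostname is not matched by the
        /// subject alternative names.
        /// Only naming and expiry are evaluated here. Revocation and key compromise are not
        /// checked by this method, so a forced renewal for those cases has to come from elsewhere.
        /// </remarks>
        /// <param name="cert">Identifier of the certificate in the store; also written to the log.</param>
        /// <param name="hostnames">
        /// Hostnames the certificate has to cover. The first entry is compared against the subject
        /// name. Must contain at least one entry when stored cert info exists and is not near expiry:
        /// <c>First()</c> throws <see cref="InvalidOperationException"/> on an empty array.
        /// </param>
        /// <returns><c>true</c> when the certificate should be renewed; otherwise <c>false</c>.</returns>
        private async Task<bool> ShouldRenew(string cert, string[] hostnames)
        {
            var info = await certStore.GetCertInfo(cert);

            // Nothing stored under this name yet: a certificate has to be issued.
            if (info == null)
            {
                logger.LogInformation("Renewing '{0}' as no existing cert info was found", cert);
                return true;
            }

            // A negative remaining lifetime (already expired) also falls below the threshold,
            // presumably because CertExpirationThreshold_Days is non-negative (TODO confirm).
            var remaining = info.Expiration - DateTimeOffset.UtcNow;
            if (remaining < TimeSpan.FromDays(CertExpirationThreshold_Days))
            {
                logger.LogInformation("Renewing '{0}' as existing cert is nearing expiration", cert);
                return true;
            }

            // The subject name is compared against the first requested hostname only;
            // the remaining hostnames are covered by the SAN check below.
            var primaryHost = hostnames.First();
            if (!NameMatchesHost(primaryHost, info.SubjectName))
            {
                logger.LogInformation("Renewing '{0}' as existing cert subject name does not match first host of '{1}'", cert, primaryHost);
                return true;
            }

            // Every requested hostname, including the first, must be matched by the SAN list.
            // How wildcards and case are handled is decided by NameMatchesHost, which is not shown here.
            var sanCoversAllHosts = hostnames.All(h => NameMatchesHost(h, info.SubjectAlternativeNames));
            if (!sanCoversAllHosts)
            {
                logger.LogInformation("Renewing '{0}' as not all hostnames are contained in cert SAN", cert);
                return true;
            }

            return false;
        }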