Modified the Azure certificate persistence strategy to separate out c…

…ertificates generated using the Staging Lets Encrypt API from the Production API to ease testing/swtiching between the two. (#15)
ffMathy · Nov 13, 2019 · 6a5caef · 6a5caef
1 parent 898fa2b
commit 6a5caef
Showing 1 changed file with 16 additions and 6 deletions.
diff --git a/...Spoon.AspNet.LetsEncrypt.Azure/AzureAppServiceSslBindingCertificatePersistenceStrategy.cs b/...Spoon.AspNet.LetsEncrypt.Azure/AzureAppServiceSslBindingCertificatePersistenceStrategy.cs
@@ -176,7 +176,7 @@ await client.WebApps.Manager
 				foreach (var tag in azureCertificate.Tags)
 					tags.Add(tag.Key, tag.Value);
 
-				tags.Add(TagName, persistenceType.ToString());
+				tags.Add(TagName, GetTagValue(persistenceType));
 
 				logger.LogInformation("Updating tags: {0}.", tags);
 
@@ -326,24 +326,26 @@ public async Task<byte[]> RetrieveAsync(CertificateType persistenceType)
 			return pfxBlob;
 		}
 
-		private async Task<IAppServiceCertificate> GetExistingAzureCertificateAsync(CertificateType persistenceType)
+		private async Task<IAppServiceCertificate> GetExistingAzureCertificateAsync(CertificateType certificateType)
 		{
-			if (persistenceType != CertificateType.Site)
+			if (certificateType != CertificateType.Site)
 			{
-				logger.LogTrace("Skipping certificate retrieval of a certificate of type {0}, which can't be persisted in Azure.", persistenceType);
+				logger.LogTrace("Skipping certificate retrieval of a certificate of type {0}, which can't be persisted in Azure.", certificateType);
 				return null;
 			}
 
 			var certificates = await client.WebApps.Manager
 				.AppServiceCertificates
 				.ListByResourceGroupAsync(azureOptions.ResourceGroupName);
 
-			logger.LogInformation("Trying to find existing Azure certificate with key {0}.", persistenceType);
+			logger.LogInformation("Trying to find existing Azure certificate with key {0}.", certificateType);
+
+			var expectedTagValue = GetTagValue(certificateType);
 
 			foreach (var certificate in certificates)
 			{
 				var tags = certificate.Tags;
-				if (!tags.ContainsKey(TagName) || tags[TagName] != persistenceType.ToString())
+				if (!tags.ContainsKey(TagName) || tags[TagName] != expectedTagValue)
 					continue;
 
 				return certificate;
@@ -354,6 +356,14 @@ private async Task<IAppServiceCertificate> GetExistingAzureCertificateAsync(Cert
 			return null;
 		}
 
+		private string GetTagValue(CertificateType certificateType)
+		{
+			if (letsEncryptOptions.UseStaging)
+				return $"{certificateType}-Staging";
+			else
+				return certificateType.ToString();
+		}
+
 		private async Task<X509Certificate2> GetExistingCertificateAsync(CertificateType persistenceType)
 		{
 			var azureCert = await GetExistingAzureCertificateAsync(persistenceType);