Add support for certificates generated by the new LetsEncrypt Intermediate Authority "R3". See https://community.letsencrypt.org/t/beginning-issuance-from-r3/139018/3 for more details.

Author: thecontrarycat

src/WebAppSSLManager/AzureHelper.cs

@@ -137,12 +137,16 @@ public static async Task<bool> NeedsNewCertificateAsync()
             ResourceConfiguration resource = await GetResourceConfigurationAsync();
 
             IAppServiceCertificate existingCert = resource.ExistingCertificates?
-                                                            .Where(c => c.Issuer.Contains(Constants.DefaultCA))
+                                                            .Where(c => c.Issuer.Contains(Constants.DefaultCA) || c.Issuer.Equals(Constants.DefaultIntermediate))
                                                             .OrderByDescending(c => c.ExpirationDate)
                                                             .FirstOrDefault();
-            
-            if(existingCert == null)
+
+            if (existingCert == null)
+            {
+                _logger.LogInformation("   No existing certificate found.");
+
                 return true;
+            }
 
             TimeSpan timeUntilExpiry = existingCert.ExpirationDate - DateTime.Now;
 

src/WebAppSSLManager/Models/Constants.cs

@@ -11,6 +11,7 @@ public class Constants
         public const string CertificateBlobContainer = "certificates";
         public const string DefaultEmailSender = "AzureWebAppSSLManager@dbtek.com.hk";
         public const string DefaultCA = "Let's Encrypt Authority";
+        public const string DefaultIntermediate = "R3";
         public const int DefaultBatchSize = 0;
         public const int DaysBeforeExpiryToRenew = 30;
     }