From eaec7d51b74bc7270e2be418e3a6293f2953f891 Mon Sep 17 00:00:00 2001
From: Tatsuro Shibamura
Date: Fri, 3 Jan 2025 13:38:31 +0900
Subject: [PATCH] Fixed new certificate issue error (#797)
---
 KeyVault.Acmebot/Functions/SharedActivity.cs | 9 ++-------
 .../Internal/CertificateExtensions.cs | 18 +++++++++++++++++-
 2 files changed, 19 insertions(+), 8 deletions(-)
diff --git a/KeyVault.Acmebot/Functions/SharedActivity.cs b/KeyVault.Acmebot/Functions/SharedActivity.cs
index c316678b..7a9387b9 100644
--- a/KeyVault.Acmebot/Functions/SharedActivity.cs
+++ b/KeyVault.Acmebot/Functions/SharedActivity.cs
@@ -386,14 +386,9 @@ public async Task FinalizeOrder([ActivityTrigger] (CertificatePoli
 try
 {
 var certificatePolicy = certificatePolicyItem.ToCertificatePolicy();
+ var metadata = certificatePolicyItem.ToCertificateMetadata(_options.Endpoint);
- var certificateOperation = await _certificateClient.StartCreateCertificateAsync(certificatePolicyItem.CertificateName, certificatePolicy, tags: new Dictionary
- {
- { "Issuer", "Acmebot" },
- { "Endpoint", _options.Endpoint.Host },
- { "DnsProvider", certificatePolicyItem.DnsProviderName },
- { "DnsAlias", certificatePolicyItem.DnsAlias }
- });
+ var certificateOperation = await _certificateClient.StartCreateCertificateAsync(certificatePolicyItem.CertificateName, certificatePolicy, tags: metadata);
 csr = certificateOperation.Properties.Csr;
 }
diff --git a/KeyVault.Acmebot/Internal/CertificateExtensions.cs b/KeyVault.Acmebot/Internal/CertificateExtensions.cs
index fde7c8b9..5f601ee5 100644
--- a/KeyVault.Acmebot/Internal/CertificateExtensions.cs
+++ b/KeyVault.Acmebot/Internal/CertificateExtensions.cs
@@ -60,6 +60,23 @@ public static CertificatePolicyItem ToCertificatePolicyItem(this KeyVaultCertifi
 };
 }
+ public static IDictionary ToCertificateMetadata(this CertificatePolicyItem certificatePolicyItem, Uri endpoint)
+ {
+ var metadata = new Dictionary
+ {
+ { IssuerKey, IssuerValue },
+ { EndpointKey, endpoint.Host },
+ { DnsProviderKey, certificatePolicyItem.DnsProviderName }
+ };
+
+ if (!string.IsNullOrEmpty(certificatePolicyItem.DnsAlias))
+ {
+ metadata.Add(DnsAliasKey, certificatePolicyItem.DnsAlias);
+ }
+
+ return metadata;
+ }
+
 private const string IssuerKey = "Issuer";
 private const string EndpointKey = "Endpoint";
 private const string DnsProviderKey = "DnsProvider";
@@ -75,7 +92,6 @@ public static CertificatePolicyItem ToCertificatePolicyItem(this KeyVaultCertifi private static bool TryGetDnsAlias(this IDictionary tags, out string dnsAlias) => tags.TryGetValue(DnsAliasKey, out dnsAlias); - private static string ToHexString(byte[] bytes) { ArgumentNullException.ThrowIfNull(bytes);
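Review bot: `ToCertificateMetadata` guards only `DnsAlias` against null or empty, while `certificatePolicyItem.DnsProviderName` is still added to the tag dictionary unconditionally. If the provider name can be unset on a policy item (not visible in this hunk), certificate creation would presumably fail the same way the `DnsAlias` guard is meant to prevent, so the same check seems warranted: `if (!string.IsNullOrEmpty(certificatePolicyItem.DnsProviderName)) { metadata.Add(DnsProviderKey, certificatePolicyItem.DnsProviderName); }`. The method also dereferences `endpoint` without validation; `ArgumentNullException.ThrowIfNull(endpoint);` as its first statement would match the guard `ToHexString` uses in this file. Because these tags appear to be read back later by the `TryGet…` helpers here, a `/// <summary>` stating which keys are always written and which are optional would keep the write and read sides in agreement.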