From 7ff27c18ff65e7f9d29d745e268c3f083aa7cb3b Mon Sep 17 00:00:00 2001
From: Abdul Rahman <1421986+ansariabr@users.noreply.github.com>
Date: Mon, 29 Jun 2020 00:07:24 +0530
Subject: [PATCH] Fix for bug #57 - consider latest expiring certificate in
 case of multiple ASP.Net Core development certificates (#58)

---
 src/dotnet-serve/Security/CertificateLoader.cs | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/src/dotnet-serve/Security/CertificateLoader.cs b/src/dotnet-serve/Security/CertificateLoader.cs
index 2114c81..4b717ff 100644
--- a/src/dotnet-serve/Security/CertificateLoader.cs
+++ b/src/dotnet-serve/Security/CertificateLoader.cs
@@ -159,7 +159,18 @@ private static X509Certificate2 LoadDeveloperCertificate()
 
             if (certs.Count > 1)
             {
-                throw new InvalidOperationException($"Ambiguous certficiate match. Multiple certificates found with extension '{AspNetHttpsOid}' ({AspNetHttpsOidFriendlyName}).");
+                // Returning a certificate which has the latest expiry date
+                var expiryDate = DateTime.MinValue;
+                var thumbprint = string.Empty;
+                foreach (var certificate in certs)
+                {
+                    if (certificate.NotAfter > expiryDate)
+                    {
+                        expiryDate = certificate.NotAfter;
+                        thumbprint = certificate.Thumbprint;
+                    }
+                }
+                return certs.Find(X509FindType.FindByThumbprint, thumbprint, validOnly: false)[0];
             }
 
             return null;