Accept existing certs in any order

This is how Let's Encrypt's rate limits are enforced.

dotege.go

@@ -37,7 +37,7 @@ var (
 	logger             *zap.SugaredLogger
 	certificateManager *CertificateManager
 	dockerClient       *client.Client
-	config             = createConfig()
+	config             *Config
 	containers         = make(map[string]*Container)
 )
 
@@ -88,6 +88,7 @@ func main() {
 	logger.Info("Dotege is starting")
 
 	doneChan := monitorSignals()
+	config = createConfig()
 
 	var err error
 	dockerStopChan := make(chan struct{})

lego.go

@@ -216,9 +216,6 @@ func domainsMatch(domains1, domains2 []string) bool {
 	if len(domains1) != len(domains2) {
 		return false
 	}
-	if domains1[0] != domains2[0] {
-		return false
-	}
 	sort.Strings(domains1)
 	sort.Strings(domains2)
 	for i := range domains1 {

lego_test.go

@@ -17,7 +17,7 @@ func Test_domainsMatch(t *testing.T) {
 		{"matching subject missing sans", args{[]string{"example.com", "example.org"}, []string{"example.com"}}, false},
 		{"matching subject extra sans", args{[]string{"example.com"}, []string{"example.com", "example.org"}}, false},
 		{"matching subject different sans", args{[]string{"example.com", "example.org"}, []string{"example.com", "example.net"}}, false},
-		{"mismatched subject and san", args{[]string{"example.org", "example.com"}, []string{"example.com", "example.org"}}, false},
+		{"mismatched subject and san", args{[]string{"example.org", "example.com"}, []string{"example.com", "example.org"}}, true},
 		{"reordered sans", args{[]string{"example.org", "example.com", "example.net"}, []string{"example.org", "example.net", "example.com"}}, true},
 	}
 	for _, tt := range tests {