/tls/status — Add `not_after` field with a valid certificate expiration date.

This commit is contained in:
Eugene Bujak 2019-02-13 11:46:11 +03:00 committed by Eugene Bujak
parent 571be68733
commit e8280c60d8
2 changed files with 2 additions and 0 deletions

View File

@ -72,6 +72,7 @@ type tlsConfigSettings struct {
// field ordering is not important -- these are for API and are recalculated on each run
type tlsConfigStatus struct {
NotAfter string `yaml:"-" json:"not_after,omitempty"`
StatusCertificate string `yaml:"-" json:"status_cert,omitempty"`
StatusKey string `yaml:"-" json:"status_key,omitempty"`
Warning string `yaml:"-" json:"warning,omitempty"`

View File

@ -1171,6 +1171,7 @@ func validateCertificates(data tlsConfig) (tlsConfig, error) {
// update status
if mainCert != nil {
notAfter := mainCert.NotAfter
data.NotAfter = notAfter.Format(time.RFC3339)
data.StatusCertificate = fmt.Sprintf("Certificate expires on %s", notAfter) //, valid for hostname %s", mainCert.NotAfter, mainCert.Subject.CommonName)
if len(mainCert.DNSNames) == 1 {
data.StatusCertificate += fmt.Sprintf(", valid for hostname %s", mainCert.DNSNames[0])