/tls/status — Add `not_after` field with a valid certificate expiration date.
This commit is contained in:
parent
571be68733
commit
e8280c60d8
|
@ -72,6 +72,7 @@ type tlsConfigSettings struct {
|
|||
|
||||
// field ordering is not important -- these are for API and are recalculated on each run
|
||||
type tlsConfigStatus struct {
|
||||
NotAfter string `yaml:"-" json:"not_after,omitempty"`
|
||||
StatusCertificate string `yaml:"-" json:"status_cert,omitempty"`
|
||||
StatusKey string `yaml:"-" json:"status_key,omitempty"`
|
||||
Warning string `yaml:"-" json:"warning,omitempty"`
|
||||
|
|
|
@ -1171,6 +1171,7 @@ func validateCertificates(data tlsConfig) (tlsConfig, error) {
|
|||
// update status
|
||||
if mainCert != nil {
|
||||
notAfter := mainCert.NotAfter
|
||||
data.NotAfter = notAfter.Format(time.RFC3339)
|
||||
data.StatusCertificate = fmt.Sprintf("Certificate expires on %s", notAfter) //, valid for hostname %s", mainCert.NotAfter, mainCert.Subject.CommonName)
|
||||
if len(mainCert.DNSNames) == 1 {
|
||||
data.StatusCertificate += fmt.Sprintf(", valid for hostname %s", mainCert.DNSNames[0])
|
||||
|
|
Loading…
Reference in New Issue