Fix: Do not list expired certificates

as already documented in help text Signed-off-by: Knut Ahlers <knut@ahlers.me>
2024-11-08 16:20:05 +00:00 · 2018-06-14 20:58:45 +02:00 · 2018-06-14 20:58:45 +02:00 · da8b466e70
commit da8b466e70
parent 646e92832f
1 changed files with 6 additions and 0 deletions
--- a/cmd/helpers.go
+++ b/cmd/helpers.go
@ -36,6 +36,12 @@ func fetchCertificateBySerial(serial string) (*x509.Certificate, bool, error) {

 	data, _ := pem.Decode([]byte(cs.Data["certificate"].(string)))
 	cert, err := x509.ParseCertificate(data.Bytes)
+
+	if cert.NotAfter.Before(time.Now()) {
+		// Hide expired certs (they will not get the revoke-timestamp set on revoke)
+		revoked = true
+	}
+
 	return cert, revoked, err
 }