1
0
Fork 0
mirror of https://github.com/Luzifer/vault-openvpn.git synced 2024-12-25 06:11:21 +00:00

Fix: Do not list expired certificates

as already documented in help text

Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
Knut Ahlers 2018-06-14 20:58:45 +02:00
parent 646e92832f
commit da8b466e70
Signed by: luzifer
GPG key ID: DC2729FDD34BE99E

View file

@ -36,6 +36,12 @@ func fetchCertificateBySerial(serial string) (*x509.Certificate, bool, error) {
data, _ := pem.Decode([]byte(cs.Data["certificate"].(string)))
cert, err := x509.ParseCertificate(data.Bytes)
if cert.NotAfter.Before(time.Now()) {
// Hide expired certs (they will not get the revoke-timestamp set on revoke)
revoked = true
}
return cert, revoked, err
}