mirror of
https://github.com/Luzifer/vault-openvpn.git
synced 2024-12-25 14:21:21 +00:00
Fix: Do not list expired certificates
as already documented in help text Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
parent
646e92832f
commit
da8b466e70
1 changed files with 6 additions and 0 deletions
|
@ -36,6 +36,12 @@ func fetchCertificateBySerial(serial string) (*x509.Certificate, bool, error) {
|
||||||
|
|
||||||
data, _ := pem.Decode([]byte(cs.Data["certificate"].(string)))
|
data, _ := pem.Decode([]byte(cs.Data["certificate"].(string)))
|
||||||
cert, err := x509.ParseCertificate(data.Bytes)
|
cert, err := x509.ParseCertificate(data.Bytes)
|
||||||
|
|
||||||
|
if cert.NotAfter.Before(time.Now()) {
|
||||||
|
// Hide expired certs (they will not get the revoke-timestamp set on revoke)
|
||||||
|
revoked = true
|
||||||
|
}
|
||||||
|
|
||||||
return cert, revoked, err
|
return cert, revoked, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue