From bdec98f18e0c8bf0e12b521b9ed6e11d9e6edb8f Mon Sep 17 00:00:00 2001 From: Eugene Bujak Date: Wed, 13 Feb 2019 11:08:44 +0300 Subject: [PATCH] Properly calculate if certificate expires in 30 minutes or not. --- control.go | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/control.go b/control.go index 9a4bc85e..8b9e8d22 100644 --- a/control.go +++ b/control.go @@ -1167,7 +1167,8 @@ func validateCertificates(data tlsConfig) (tlsConfig, error) { // update status if mainCert != nil { - data.StatusCertificate = fmt.Sprintf("Certificate expires on %s", mainCert.NotAfter) //, valid for hostname %s", mainCert.NotAfter, mainCert.Subject.CommonName) + notAfter := mainCert.NotAfter + data.StatusCertificate = fmt.Sprintf("Certificate expires on %s", notAfter) //, valid for hostname %s", mainCert.NotAfter, mainCert.Subject.CommonName) if len(mainCert.DNSNames) == 1 { data.StatusCertificate += fmt.Sprintf(", valid for hostname %s", mainCert.DNSNames[0]) } else if len(mainCert.DNSNames) > 1 { @@ -1176,8 +1177,8 @@ func validateCertificates(data tlsConfig) (tlsConfig, error) { // issue a warning if certificate is about to expire now := time.Now() - if mainCert.NotAfter.AddDate(0, 0, -30).After(now) { - timeLeft := time.Until(mainCert.NotAfter) + if now.AddDate(0, 0, 30).After(notAfter) { + timeLeft := notAfter.Sub(now) if timeLeft > 0 { data.Warning = fmt.Sprintf("Your certificate expires in %.0f days, we recommend you update it soon", timeLeft.Hours()/24) } else {