diff options
| author | elijah <elijah@riseup.net> | 2014-12-08 14:36:10 -0800 |
|---|---|---|
| committer | elijah <elijah@riseup.net> | 2014-12-08 14:36:10 -0800 |
| commit | 1dee31e3ebf69d4fe392633881d7c78dd94dc0c8 (patch) | |
| tree | a0bc779b2911f85816197fd4a2e2ba66ded4c110 | |
| parent | e2a066dec8af7aae421401c9b9cb30752e7aa0d6 (diff) | |
give error if cert has already expired. closes #6484
| -rw-r--r-- | lib/leap_cli/commands/ca.rb | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/lib/leap_cli/commands/ca.rb b/lib/leap_cli/commands/ca.rb index 579e305..357792f 100644 --- a/lib/leap_cli/commands/ca.rb +++ b/lib/leap_cli/commands/ca.rb @@ -238,8 +238,12 @@ module LeapCli; module Commands dns_names_for_node(node).each do |domain| if file_exists?([:commercial_cert, domain]) cert = load_certificate_file([:commercial_cert, domain]) - if cert.not_after < months_from_yesterday(2) - log :warning, "the commercial certificate '#{Path.relative_path([:commercial_cert, domain])}' will expire soon. "+ + path = Path.relative_path([:commercial_cert, domain]) + if cert.not_after < Time.now.utc + log :error, "the commercial certificate '#{path}' has EXPIRED! " + + "You should renew it with `leap cert csr --domain #{domain}`." + elsif cert.not_after < months_from_yesterday(2) + log :warning, "the commercial certificate '#{path}' will expire soon. "+ "You should renew it with `leap cert csr --domain #{domain}`." end end |