From ccebcfdf66b425656ffa4d5972d36730a1c9eedc Mon Sep 17 00:00:00 2001 From: Jacky Date: Sat, 28 Jun 2025 08:33:21 +0800 Subject: [PATCH] enhance(auto-cert): update ignore condition --- .devcontainer/pebble-test/config/pebble-config.json | 2 +- internal/cert/auto_cert.go | 13 +++++++++++-- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/.devcontainer/pebble-test/config/pebble-config.json b/.devcontainer/pebble-test/config/pebble-config.json index be398b8c..a7603753 100644 --- a/.devcontainer/pebble-test/config/pebble-config.json +++ b/.devcontainer/pebble-test/config/pebble-config.json @@ -20,7 +20,7 @@ }, "shortlived": { "description": "A short-lived cert profile, without actual enforcement", - "validityPeriod": 518400 + "validityPeriod": 7776000 } } } diff --git a/internal/cert/auto_cert.go b/internal/cert/auto_cert.go index 98a7e724..8e60e362 100644 --- a/internal/cert/auto_cert.go +++ b/internal/cert/auto_cert.go @@ -61,8 +61,17 @@ func autoCert(certModel *model.Cert) { notification.Error("Renew Certificate Error", strings.Join(certModel.Domains, ", "), nil) return } - if int(time.Now().Sub(certInfo.NotBefore).Hours()/24) < settings.CertSettings.GetCertRenewalInterval() { - // not after settings.ServerSettings.RenewalInterval, ignore + + // Calculate certificate age (days since NotBefore) + certAge := int(time.Since(certInfo.NotBefore).Hours() / 24) + // Calculate days until expiration + daysUntilExpiration := int(time.Until(certInfo.NotAfter).Hours() / 24) + + // Skip renewal only if: + // 1. Certificate age is less than renewal interval AND + // 2. Certificate has more than 6 days remaining before expiration + if certAge < settings.CertSettings.GetCertRenewalInterval() && daysUntilExpiration > 6 { + // Certificate is too young and not expiring soon, ignore return }