From 2d5add5a13f63728716252ee4b4e14eb709f6cd5 Mon Sep 17 00:00:00 2001 From: Arlon1 Date: Thu, 16 May 2019 15:31:50 +0200 Subject: [PATCH] acme: changed the threshold for certificate renewal The threshold for certificate renewal is changed to 30 days before expiry date (was 14 days). fixes #2607 --- data/Dockerfiles/acme/docker-entrypoint.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/data/Dockerfiles/acme/docker-entrypoint.sh b/data/Dockerfiles/acme/docker-entrypoint.sh index 780b88b9..67a4ee67 100755 --- a/data/Dockerfiles/acme/docker-entrypoint.sh +++ b/data/Dockerfiles/acme/docker-entrypoint.sh @@ -428,8 +428,8 @@ while true; do if [[ ${SAN_CHANGE} == 0 ]]; then # Certificate did not change but could be due for renewal (4 weeks) - if ! openssl x509 -checkend 1209600 -noout -in ${ACME_BASE}/cert.pem; then - log_f "Certificate is due for renewal (< 2 weeks)" + if ! openssl x509 -checkend 2592000 -noout -in ${ACME_BASE}/cert.pem; then + log_f "Certificate is due for renewal (< 30 days)" else log_f "Certificate validation done, neither changed nor due for renewal, sleeping for another day." sleep 1d