status report: Only provide comparison date when certificate exists

If the certificate does not exist then the database date is used. The database date is a shortened ISO-8601 date, the certifcate date is presented in a completely different format. Omit the calculated "seconds since epoch" double check via 'date', when the certificate does not exist. Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-04-08 23:41:01 +01:00 · 2023-04-08 23:41:01 +01:00 · a9b7c6a8a4
commit a9b7c6a8a4
parent 867333d67e
1 changed files with 63 additions and 54 deletions
--- a/easyrsa3/easyrsa
+++ b/easyrsa3/easyrsa
@ -4372,9 +4372,12 @@ read_db() {
 # Expire status
 expire_status() {
 	# The certificate for CN ahould exist but may not
+	unset -v expire_status_cert_exists
 	if [ -e "$cert_issued" ]; then

 		verbose "expire_status: cert exists"
+		expire_status_cert_exists=1
+
 		# get the serial number of the certificate
 		ssl_cert_serial "$cert_issued" cert_serial

@ -4418,8 +4421,12 @@ expire_status(): FALL-BACK completed"
 		cert_not_after_date=
 		db_date_to_iso_8601_date \
 			"$db_notAfter" cert_not_after_date
+		# Cert does not exist
 	fi

+	# Only verify if there is a certificate
+	if [ "$expire_status_cert_exists" ]; then
+
 		# Get timestamp seconds for certificate expiry date
 		# Redirection for errout is not necessary here
 		cert_expire_date_s=
@ -4506,6 +4513,7 @@ FALL-BACK to default SSL date format"
 			verbose "\
 expire_status: FALL-BACK completed"
 		fi
+	fi

 	# Convert number of days to a timestamp in seconds
 	cutoff_date_s=
@ -5917,7 +5925,8 @@ while :; do
 	-S|--silent-ssl)
 		empty_ok=1
 		export EASYRSA_SILENT_SSL=1
-		save_EASYRSA_SILENT_SSL=1
+		# This will probably be need
+		#save_EASYRSA_SILENT_SSL=1
 		;;
 	--no-safe-ssl)
 		empty_ok=1