ignore rotated certs, since there is a new cert that can be used

2020-10-26 18:34:21 -07:00 · 2020-10-26 18:34:21 -07:00 · 1ef6139f9b
parent 6a1b4b4857
commit 1ef6139f9b
1 changed files with 3 additions and 0 deletions
--- a/lemur/certificates/service.py
+++ b/lemur/certificates/service.py
@ -567,6 +567,7 @@ def query_common_name(common_name, args):
        result = (
            Certificate.query.filter(Certificate.not_after >= current_time.format("YYYY-MM-DD"))
            .filter(not_(Certificate.revoked))
+            .filter(not_(Certificate.replaced.any()))  # ignore rotated certificates to avoid duplicates
            .all()
        )
    elif common_name == "%":
@ -575,6 +576,7 @@ def query_common_name(common_name, args):
            Certificate.query.filter(Certificate.not_after >= current_time.format("YYYY-MM-DD"))
            .filter(Certificate.owner == owner)
            .filter(not_(Certificate.revoked))
+            .filter(not_(Certificate.replaced.any()))  # ignore rotated certificates to avoid duplicates
            .all()
        )
    else:
@ -584,6 +586,7 @@ def query_common_name(common_name, args):
            .filter(Certificate.cn.like(common_name))
            .filter(Certificate.owner == owner)
            .filter(not_(Certificate.revoked))
+            .filter(not_(Certificate.replaced.any()))  # ignore rotated certificates to avoid duplicates
            .all()
        )