Merge pull request #3105 from charhate/validity

Remove 397 days validation as it causes error in API calls
This commit is contained in:
Hossein Shafagh 2020-08-25 16:33:54 -07:00 committed by GitHub
commit 2b64959953
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 0 additions and 12 deletions

View File

@ -152,18 +152,6 @@ def dates(data):
data["authority"].authority_certificate.not_after
)
)
# Allow no more than PUBLIC_CA_MAX_VALIDITY_DAYS (Default: 397) days of validity
# for certs issued by public CA
# The list of public issuers can be managed through a config named PUBLIC_CA
public_CA = current_app.config.get("PUBLIC_CA_AUTHORITY_NAMES", [])
if data["authority"].name.lower() in [ca.lower() for ca in public_CA]:
max_validity_days = current_app.config.get("PUBLIC_CA_MAX_VALIDITY_DAYS", 397)
if (
(data.get("validity_end").date() - data.get("validity_start").date()).days
> max_validity_days
):
raise ValidationError("Certificate cannot be valid for more than " +
str(max_validity_days) + " days")
return data