diff --git a/lemur/certificates/service.py b/lemur/certificates/service.py
index 544c03d8..5a65c383 100644
--- a/lemur/certificates/service.py
+++ b/lemur/certificates/service.py
@@ -329,12 +329,14 @@ def render(args):
"""
query = database.session_query(Certificate)
- time_range = args.pop("time_range")
- if not time_range:
- six_month_old = arrow.now()\
- .shift(months=current_app.config.get("HIDE_EXPIRED_CERTS_AFTER_MONTHS", -6))\
+ show_expired = args.pop("showExpired")
+ if show_expired != 1:
+ one_month_old = arrow.now()\
+ .shift(months=current_app.config.get("HIDE_EXPIRED_CERTS_AFTER_MONTHS", -1))\
.format("YYYY-MM-DD")
- query = query.filter(Certificate.not_after > six_month_old)
+ query = query.filter(Certificate.not_after > one_month_old)
+
+ time_range = args.pop("time_range")
destination_id = args.pop("destination_id")
notification_id = args.pop("notification_id", None)
@@ -445,7 +447,7 @@ def query_name(certificate_name, args):
def query_common_name(common_name, args):
"""
- Helper function that queries for not expired certificates by common name and owner which have auto-rotate enabled
+ Helper function that queries for not expired certificates by common name (and owner)
:param common_name:
:param args:
@@ -462,7 +464,6 @@ def query_common_name(common_name, args):
Certificate.query.filter(Certificate.cn.ilike(common_name))
.filter(Certificate.owner.ilike(owner))
.filter(Certificate.not_after >= current_time.format("YYYY-MM-DD"))
- .filter(Certificate.rotation.is_(True))
.all()
)
diff --git a/lemur/certificates/views.py b/lemur/certificates/views.py
index 61a74a59..1a003e78 100644
--- a/lemur/certificates/views.py
+++ b/lemur/certificates/views.py
@@ -347,6 +347,7 @@ class CertificatesList(AuthenticatedResource):
)
parser.add_argument("creator", type=str, location="args")
parser.add_argument("show", type=str, location="args")
+ parser.add_argument("showExpired", type=int, location="args")
args = parser.parse_args()
args["user"] = g.user
diff --git a/lemur/plugins/lemur_vault_dest/plugin.py b/lemur/plugins/lemur_vault_dest/plugin.py
index 58a6dc18..b6d1ed75 100644
--- a/lemur/plugins/lemur_vault_dest/plugin.py
+++ b/lemur/plugins/lemur_vault_dest/plugin.py
@@ -67,14 +67,14 @@ class VaultSourcePlugin(SourcePlugin):
"name": "vaultPath",
"type": "str",
"required": True,
- "validation": "^([a-zA-Z0-9_-]+/?)+$",
+ "validation": "^([a-zA-Z0-9._-]+/?)+$",
"helpMessage": "Must be a valid Vault secrets path",
},
{
"name": "objectName",
"type": "str",
"required": True,
- "validation": "[0-9a-zA-Z:_-]+",
+ "validation": "[0-9a-zA-Z.:_-]+",
"helpMessage": "Object Name to search",
},
]
@@ -177,14 +177,14 @@ class VaultDestinationPlugin(DestinationPlugin):
"name": "vaultPath",
"type": "str",
"required": True,
- "validation": "^([a-zA-Z0-9_-]+/?)+$",
+ "validation": "^([a-zA-Z0-9._-]+/?)+$",
"helpMessage": "Must be a valid Vault secrets path",
},
{
"name": "objectName",
"type": "str",
"required": False,
- "validation": "[0-9a-zA-Z:_-]+",
+ "validation": "[0-9a-zA-Z.:_-]+",
"helpMessage": "Name to bundle certs under, if blank use cn",
},
{
diff --git a/lemur/static/app/angular/certificates/certificate/tracking.tpl.html b/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
index 573510cd..19d8f37f 100644
--- a/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
+++ b/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
@@ -30,7 +30,7 @@
Filter
+
+
+