Infra/lemur
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Cert validity should not exceed 397 days for publicly trusted issuers

Browse Source
This commit is contained in:
sayali
2020-08-10 17:30:34 -07:00
parent 9bcfcebb3a
commit 7a83799bcd
2 changed files with 15 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lemur/plugins/lemur_digicert/plugin.py
View File

@ -82,11 +82,11 @@ def determine_end_date(end_date):
:param end_date:
:return: validity_end
"""
default_years = current_app.config.get("DIGICERT_DEFAULT_VALIDITY", 1)
max_validity_end = arrow.utcnow().shift(years=current_app.config.get("DIGICERT_MAX_VALIDITY", default_years))
default_days = current_app.config.get("DIGICERT_DEFAULT_VALIDITY_DAYS", 397)
max_validity_end = arrow.utcnow().shift(days=current_app.config.get("DIGICERT_MAX_VALIDITY_DAYS", default_days))
if not end_date:
end_date = arrow.utcnow().shift(years=default_years)
end_date = arrow.utcnow().shift(days=default_days)
if end_date > max_validity_end:
end_date = max_validity_end