forked from TrueCloudLab/certificates
Allow to customize the minimal cert duration for tests.
This commit is contained in:
parent
10aaece1b0
commit
25ddbaedff
1 changed files with 4 additions and 2 deletions
|
@ -14,6 +14,8 @@ import (
|
||||||
// certificate.
|
// certificate.
|
||||||
type RenewFunc func() (*tls.Certificate, error)
|
type RenewFunc func() (*tls.Certificate, error)
|
||||||
|
|
||||||
|
var minCertDuration = time.Minute
|
||||||
|
|
||||||
// TLSRenewer automatically renews a tls certificate using a RenewFunc.
|
// TLSRenewer automatically renews a tls certificate using a RenewFunc.
|
||||||
type TLSRenewer struct {
|
type TLSRenewer struct {
|
||||||
sync.RWMutex
|
sync.RWMutex
|
||||||
|
@ -58,8 +60,8 @@ func NewTLSRenewer(cert *tls.Certificate, fn RenewFunc, opts ...tlsRenewerOption
|
||||||
}
|
}
|
||||||
|
|
||||||
period := cert.Leaf.NotAfter.Sub(cert.Leaf.NotBefore)
|
period := cert.Leaf.NotAfter.Sub(cert.Leaf.NotBefore)
|
||||||
if period < time.Minute {
|
if period < minCertDuration {
|
||||||
return nil, errors.Errorf("period must be greater than or equal to 1 Minute, but got %v.", period)
|
return nil, errors.Errorf("period must be greater than or equal to %s, but got %v.", minCertDuration, period)
|
||||||
}
|
}
|
||||||
// By default we will try to renew the cert before 2/3 of the validity
|
// By default we will try to renew the cert before 2/3 of the validity
|
||||||
// period have expired.
|
// period have expired.
|
||||||
|
|
Loading…
Reference in a new issue