push.rocks/smartacme
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(acme): parse issued certificate expiry from X.509 metadata and update build compatibility for dependency upgrades

Browse Source
This commit is contained in:
Jürgen Kunz
2026-03-27 22:21:16 +00:00
parent ab0ca6ccc3
commit 75def30b0a
15 changed files with 831 additions and 794 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
ts/smartacme.classes.smartacme.ts
View File

@@ -85,21 +85,21 @@ export class SmartAcme {
private options: ISmartAcmeOptions;
// the acme client
private client: plugins.acme.AcmeClient;
private client!: plugins.acme.AcmeClient;
private smartdns = new plugins.smartdnsClient.Smartdns({});
public logger: plugins.smartlog.Smartlog;
// the account private key
private privateKey: string;
private privateKey!: string;
// certificate manager for persistence (implements ICertManager)
public certmanager: ICertManager;
public certmanager!: ICertManager;
// configured pluggable ACME challenge handlers
public challengeHandlers: plugins.handlers.IChallengeHandler<any>[];
private certmatcher: SmartacmeCertMatcher;
private certmatcher!: SmartacmeCertMatcher;
// retry/backoff configuration (resolved with defaults)
private retryOptions: { retries: number; factor: number; minTimeoutMs: number; maxTimeoutMs: number };
// track pending DNS challenges for graceful shutdown
@@ -558,6 +558,16 @@ export class SmartAcme {
// ── Step: store ───────────────────────────────────────────────────────
this.certIssuanceTask.notifyStep('store');
// Parse real X509 expiry from the issued PEM certificate
let validUntil: number;
try {
const x509 = new plugins.crypto.X509Certificate(cert.toString());
validUntil = new Date(x509.validTo).getTime();
} catch {
// Fallback to 90-day estimate if PEM parsing fails
validUntil = Date.now() + plugins.smarttime.getMilliSecondsFromUnits({ days: 90 });
}
const certRecord = new SmartacmeCert({
id: plugins.smartunique.shortId(),
domainName: certDomainName,
@@ -565,7 +575,7 @@ export class SmartAcme {
publicKey: cert.toString(),
csr: csr.toString(),
created: Date.now(),
validUntil: Date.now() + plugins.smarttime.getMilliSecondsFromUnits({ days: 90 }),
validUntil,
});
await this.certmanager.storeCertificate(certRecord);