fix(certs): Populate certificate status for cert-store-loaded certificates after SmartProxy startup and check proxy-certs in opsserver certificate handler

2026-02-16 01:58:39 +00:00
parent cd957526e2
commit 121573de2f
7 changed files with 62 additions and 12 deletions
--- a/ts/classes.dcrouter.ts
+++ b/ts/classes.dcrouter.ts
@@ -444,7 +444,10 @@ export class DcRouter {
    // If we have routes or need a basic SmartProxy instance, create it
    if (routes.length > 0 || this.options.smartProxyConfig) {
      console.log('Setting up SmartProxy with combined configuration');
-      
+
+      // Track domains loaded from cert store so we can populate certificateStatusMap after start
+      const loadedCertDomains: string[] = [];
+
      // Create SmartProxy configuration
      const smartProxyConfig: plugins.smartproxy.ISmartProxyOptions = {
        ...this.options.smartProxyConfig,
@@ -456,7 +459,10 @@ export class DcRouter {
            const certs: Array<{ domain: string; publicKey: string; privateKey: string; ca?: string }> = [];
            for (const key of keys) {
              const data = await this.storageManager.getJSON(key);
-              if (data) certs.push(data);
+              if (data) {
+                certs.push(data);
+                loadedCertDomains.push(data.domain);
+              }
            }
            return certs;
          },
@@ -579,7 +585,36 @@ export class DcRouter {
      console.log('[DcRouter] Starting SmartProxy...');
      await this.smartProxy.start();
      console.log('[DcRouter] SmartProxy started successfully');
-      
+
+      // Populate certificateStatusMap for certs loaded from store at startup
+      for (const domain of loadedCertDomains) {
+        if (!this.certificateStatusMap.has(domain)) {
+          const routeNames = this.findRouteNamesForDomain(domain);
+          let expiryDate: string | undefined;
+          let issuedAt: string | undefined;
+          try {
+            const cleanDomain = domain.replace(/^\*\.?/, '');
+            const certMeta = await this.storageManager.getJSON(`/certs/${cleanDomain}`);
+            if (certMeta?.validUntil) {
+              expiryDate = new Date(certMeta.validUntil).toISOString();
+            }
+            if (certMeta?.created) {
+              issuedAt = new Date(certMeta.created).toISOString();
+            }
+          } catch { /* no metadata available */ }
+          this.certificateStatusMap.set(domain, {
+            status: 'valid',
+            routeNames,
+            expiryDate,
+            issuedAt,
+            source: 'cert-store',
+          });
+        }
+      }
+      if (loadedCertDomains.length > 0) {
+        console.log(`[DcRouter] Populated certificate status for ${loadedCertDomains.length} store-loaded domain(s)`);
+      }
+
      console.log(`SmartProxy started with ${routes.length} routes`);
    }
  }