Révision 94066132
[ssl-certificate-expiry] add env.skip_cert_hashes to skip certificates
This fix allows to skip validity checks on any intermediate certificate
which subject hash appears in the list.
Let's Encrypt certificates are cross-signed by both DST Root CA X3 and
ISRG Root X1. DST Root CA X3 has expired on 2021-09-30 [0], which causes
the plugin to incorrectly report some full-chain LE certificates as
expired.
[0] https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/
Signed-off-by: Olivier Mehani <shtrom@ssji.net>
Fichiers
- ajouté
- modifié
- copié
- renommé
- supprimé