kaffa/haproxy-mcp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Change cert renewal period from 30 to 60 days after issuance

Browse Source 
acme.sh default --days is 30, which triggers renewal 60 days before
expiry. Setting --days 60 aligns with the common practice of renewing
30 days before the 90-day certificate expires.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
kappa
2026-02-08 20:19:11 +09:00
parent e0dd3807c6
commit c490ee8673
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
haproxy_mcp/tools/certificates.py
View File

@@ -231,7 +231,7 @@ def _haproxy_issue_cert_impl(domain: str, wildcard: bool) -> str:
cmd = [ACME_SH, "--issue", "--dns", "dns_cf", "-d", domain] cmd = [ACME_SH, "--issue", "--dns", "dns_cf", "-d", domain]
if wildcard: if wildcard:
cmd.extend(["-d", f"*.{domain}"]) cmd.extend(["-d", f"*.{domain}"])
cmd.extend(["--reloadcmd", reload_cmd]) cmd.extend(["--days", "60", "--reloadcmd", reload_cmd])
try: try:
logger.info("Issuing certificate for %s", domain) logger.info("Issuing certificate for %s", domain)