[pve-devel] [PATCH manager 2/2] pveupdate: improve cert renew log messages
Fabian Grünbichler
f.gruenbichler at proxmox.com
Tue Sep 9 12:04:48 CEST 2025
by explicitly checking for already expired certificates and adapting the
message in that case.
Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
---
bin/pveupdate | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/bin/pveupdate b/bin/pveupdate
index 9984c9369..c5356c885 100755
--- a/bin/pveupdate
+++ b/bin/pveupdate
@@ -125,7 +125,10 @@ eval {
PVE::Tools::run_command(['systemctl', 'reload-or-restart', 'pveproxy']);
};
- if (PVE::Certificate::check_expiry($certpath, time() + 14 * 24 * 60 * 60)) {
+ if (PVE::Certificate::check_expiry($certpath)) {
+ # already expired
+ $renew->("expired, renewing...");
+ } elsif (PVE::Certificate::check_expiry($certpath, time() + 14 * 24 * 60 * 60)) {
# expires in next 2 weeks
$renew->("expires soon, renewing...");
} elsif (!PVE::Certificate::check_expiry($certpath, time() + 2 * 365 * 24 * 60 * 60)) {
--
2.47.3
More information about the pve-devel
mailing list