refactor: validity checker ignore acme certificate

src/acme/mod.rs

@@ -53,6 +53,7 @@ pub struct CertificateInfo {
     pub not_after: i64,
     pub not_before: i64,
     pub issuer: String,
+    pub acme: Option<String>,
 }
 
 impl CertificateInfo {
@@ -84,6 +85,7 @@ pub fn get_certificate_info(data: &[u8]) -> Result<CertificateInfo> {
         not_before: validity.not_before.timestamp(),
         not_after: validity.not_after.timestamp(),
         issuer: x509.issuer().to_string(),
+        ..Default::default()
     })
 }
 

src/acme/validity_checker.rs

@@ -33,6 +33,10 @@ fn validity_check(
 ) -> Result<(), String> {
     let now = util::now().as_secs() as i64;
     for (name, cert) in validity_list.iter() {
+        // acme certificate will auto update
+        if cert.acme.is_some() {
+            continue;
+        }
         // will expire check
         if now > cert.not_after - time_offset {
             let message = format!(
@@ -120,6 +124,7 @@ mod tests {
                         .unwrap()
                         .timestamp(),
                     issuer: "pingap".to_string(),
+                    ..Default::default()
                 },
             )],
             7 * 24 * 3600,
@@ -141,6 +146,7 @@ mod tests {
                         .unwrap()
                         .timestamp(),
                     issuer: "pingap".to_string(),
+                    ..Default::default()
                 },
             )],
             7 * 24 * 3600,

src/proxy/dynamic_certificate.rs

@@ -99,10 +99,11 @@ fn parse_certificate(
                 "",
             )
         };
-    let info = get_certificate_info(&cert).map_err(|e| Error::Invalid {
+    let mut info = get_certificate_info(&cert).map_err(|e| Error::Invalid {
         category: "get_certificate_info".to_string(),
         message: e.to_string(),
     })?;
+    info.acme = certificate_config.acme.clone();
 
     let hash_key = certificate_config.hash_key();