Certificate expiry dates are being wiped

Alan

I suspected it, but have now confirmed from yesterday to today, there has been some sort of change around checking certificate expiries. If the overnight job to check a cert can't get a date, it erases whatever is there. eg, we have an issue with an Exchange webmail that it isn't available currently, and overnight, it's now back to 55 years, rather than it's actual expiry date.

I updated 3 certs yesterday that can't be checked (Apple MDM token, Apple SCIM token etc) and now they don't have dates and are back to 55 years ago. This needs to revert (or a check made) that if you can't get a date, don't remove the one that's in there… No idea how many we've lost as a result…

wrongecho

Alan

I hate to say there is no change. I noticed this a while ago but never got around to fixing it.

Alan

Weird, I know it was holding them a while ago (I think), then noticed yesterday they were missing, so re-added, and then they're missing today, hence reporting…

wrongecho

The last real update to that script was 5 months ago, here (the commit 2 weeks ago was adding a line).

Definitely an issue we should fix though.

wrongecho

Let's see if this helps

itflow-org/itflow1080

Alan

Maaaagic!

Update applied, 4 dates in two clients added and we'll see how it runs overnight with the regular processes.

Alan

Yep, dates are still in after the overnight cron etc. Thanks muchly!

wrongecho

Alan

Fantastic!! You're welcome 🙂