Fixed to prevent revocation of expired certificates (#430)

* Fixed to prevent revocation of expired certificates

* Update arm template

KeyVault.Acmebot/Internal/CertificateExtensions.cs

@@ -47,7 +47,8 @@ public static CertificateItem ToCertificateItem(this KeyVaultCertificateWithPoli
                 KeyType = certificate.Policy.KeyType?.ToString(),
                 KeySize = certificate.Policy.KeySize,
                 KeyCurveName = certificate.Policy.KeyCurveName?.ToString(),
-                ReuseKey = certificate.Policy.ReuseKey
+                ReuseKey = certificate.Policy.ReuseKey,
+                IsExpired = DateTimeOffset.UtcNow > certificate.Properties.ExpiresOn.Value
             };
         }
 

KeyVault.Acmebot/Models/CertificateItem.cs

@@ -39,5 +39,8 @@ public class CertificateItem
 
         [JsonProperty("isManaged")]
         public bool IsManaged { get; set; }
+
+        [JsonProperty("isExpired")]
+        public bool IsExpired { get; set; }
     }
 }

KeyVault.Acmebot/wwwroot/dashboard/index.html

@@ -11,6 +11,9 @@
         flex-grow: 2;
       }
     }
+    td {
+      vertical-align: middle !important;
+    }
   </style>
   <script src="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/js/all.min.js" integrity="sha512-Tn2m0TIpgVyTzzvmxLNuqbSJH3JP8jm+Cy3hvHrW7ndTDcJ1w5mBiksqDBb8GpE2ksktFvDB/ykZ0mDpsZj20w==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
 </head>
@@ -49,7 +52,7 @@ <h2 class="title is-4">
             </tr>
           </thead>
           <tbody>
-            <tr v-for="certificate in managedCertificates">
+            <tr v-for="certificate in managedCertificates" :class="{ 'has-background-danger-light': certificate.isExpired }">
               <td>{{ certificate.name }}</td>
               <td>
                 <div class="tags">
@@ -400,7 +403,7 @@ <h2 class="title is-4">Unmanaged certificates</h2>
             </section>
             <footer class="modal-card-foot is-justify-content-flex-end">
               <button class="button is-primary" @click="renewCertificate" :class="{ 'is-loading': details.sending }">Renew</button>
-              <button class="button is-danger" @click="revokeCertificate" :class="{ 'is-loading': details.sending }" v-if="details.certificate.isManaged">Revoke</button>
+              <button class="button is-danger" @click="revokeCertificate" :class="{ 'is-loading': details.sending }" v-if="details.certificate.isManaged && !details.certificate.isExpired">Revoke</button>
               <button class="button" @click="details.modalActive = false" :disabled="details.sending">Close</button>
             </footer>
           </div>
@@ -624,9 +627,12 @@ <h2 class="title is-4">Unmanaged certificates</h2>
         },
         formatExpiresOn(value) {
           const date = new Date(value);
-          const remainDays = Math.round((date - Date.now()) / (1000 * 60 * 60 * 24));
+          const diff = date - Date.now();
+          const remainDays = Math.round(diff / (1000 * 60 * 60 * 24));
+
+          const remainText = diff > 0 ? `Expires in ${remainDays} days` : `EXPIRED`;
 
-          return `${date.toLocaleString()} (Expires in ${remainDays} days)`;
+          return `${date.toLocaleString()} (${remainText})`;
         }
       },
       async beforeMount() {

azuredeploy.json

@@ -4,8 +4,8 @@
   "metadata": {
     "_generator": {
       "name": "bicep",
-      "version": "0.4.1008.15138",
-      "templateHash": "14145747506233511579"
+      "version": "0.4.1124.51302",
+      "templateHash": "2245426988338687263"
     }
   },
   "parameters": {
@@ -71,7 +71,6 @@
       }
     }
   },
-  "functions": [],
   "variables": {
     "functionAppName": "[format('func-{0}-{1}', parameters('appNamePrefix'), substring(uniqueString(resourceGroup().id, deployment().name), 0, 4))]",
     "appServicePlanName": "[format('plan-{0}-{1}', parameters('appNamePrefix'), substring(uniqueString(resourceGroup().id, deployment().name), 0, 4))]",