From 151630b6741d19c439713d1e3f31529052a41697 Mon Sep 17 00:00:00 2001
From: Christian Hesse <mail@eworm.de>
Date: Fri, 3 Apr 2020 14:36:32 +0200
Subject: check-certificates: warn about missing chain

---
 check-certificates | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'check-certificates')

diff --git a/check-certificates b/check-certificates
index ad19059..40e509b 100644
--- a/check-certificates
+++ b/check-certificates
@@ -57,7 +57,9 @@
     :local CertNew [ / certificate find where common-name=($CertVal->"common-name") fingerprint!=[ :tostr ($CertVal->"fingerprint") ] expires-after>3w ];
     :local CertNewVal [ / certificate get $CertNew ];
 
-    $CertificateAvailable ([ $ParseKeyValueStore ($CertNewVal->"issuer") ]->"CN");
+    :if ([ $CertificateAvailable ([ $ParseKeyValueStore ($CertNewVal->"issuer") ]->"CN") ] = false) do={
+      $LogPrintExit warning ("The certificate chain is not available!") false;
+    }
 
     :if ($Cert != $CertNew) do={
       $LogPrintExit debug ("Certificate '" . $CertVal->"name" . "' was not updated, but replaced.") false;
-- 
cgit v1.2.3-54-g00ecf