From 45b5d7a5d8b613222fe4afa8193340aade639aa5 Mon Sep 17 00:00:00 2001
From: Dirk <dirk@testssl.sh>
Date: Mon, 26 Oct 2020 21:32:09 +0100
Subject: [PATCH] Fix issue with host certificate expiration

- wrong certificate name
- fault logic (if statements) -- intermediate section looks not affected
---
 testssl.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/testssl.sh b/testssl.sh
index 7742f53..ec03c1a 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -9046,9 +9046,9 @@ certificate_info() {
           set_grade_cap "T" "Certificate expired"
      else
           # low threshold first
-          if ! [[ "$($OPENSSL x509 -checkend $((secsaday*days2warn2)) 2>>$ERRFILE <<< "$cert")" =~ \ not\  ]]; then
+          if [[ "$($OPENSSL x509 -checkend $((secsaday*days2warn2)) 2>>$ERRFILE <<< "$hostcert")" =~ \ not\  ]]; then
                # high threshold
-               if ! [[ "$($OPENSSL x509 -checkend $((secsaday*days2warn1)) 2>>$ERRFILE <<< "$cert")" =~ \ not\  ]]; then
+               if [[ "$($OPENSSL x509 -checkend $((secsaday*days2warn1)) 2>>$ERRFILE <<< "$hostcert")" =~ \ not\  ]]; then
                     pr_svrty_good "$days2expire >= $days2warn1 days"
                     expfinding+="$days2expire >= $days2warn1 days"
                else