From f6bc5c973fdf14aa90e6254484892d2bb238dc3d Mon Sep 17 00:00:00 2001 From: Dominik Date: Sun, 26 Oct 2025 18:53:33 +0100 Subject: [PATCH] We should not attempt to renew the self-signed certificate when the user is not using it (no HTTPS ports defeined) Signed-off-by: Dominik --- src/enums.h | 1 + src/webserver/webserver.c | 5 ++++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/src/enums.h b/src/enums.h index 49981380..ca524783 100644 --- a/src/enums.h +++ b/src/enums.h @@ -335,6 +335,7 @@ enum cert_check { CERT_NOT_YET_VALID, CERT_EXPIRES_SOON, CERT_OKAY, + CERT_NOT_IN_USE } __attribute__ ((packed)); enum http_method { diff --git a/src/webserver/webserver.c b/src/webserver/webserver.c index cd2c0ec5..6323afd4 100644 --- a/src/webserver/webserver.c +++ b/src/webserver/webserver.c @@ -1042,7 +1042,10 @@ void *webserver_thread(void *val) while(!killed) { // Check if the certificate is about to expire soon - const enum cert_check status = cert_currently_valid(config.webserver.tls.cert.v.s, 2); + // We check only if HTTPS is enabled (https_port > 0) + const enum cert_check status = https_port == 0 ? + CERT_NOT_IN_USE : + cert_currently_valid(config.webserver.tls.cert.v.s, 2); if(status == CERT_EXPIRES_SOON && config.webserver.tls.validity.v.ui > 0)