diff --git a/builtin/logical/pki/path_acme_order.go b/builtin/logical/pki/path_acme_order.go index d7211d3d86..19fa30b8c1 100644 --- a/builtin/logical/pki/path_acme_order.go +++ b/builtin/logical/pki/path_acme_order.go @@ -883,8 +883,8 @@ func (b *backend) acmeNewOrderHandler(ac *acmeContext, req *logical.Request, _ * observe.NewAdditionalPKIMetadata("role_name", role), observe.NewAdditionalPKIMetadata("issuer_name", issuerName), observe.NewAdditionalPKIMetadata("issuer_id", issuerId), - observe.NewAdditionalPKIMetadata("not_before", notBefore), - observe.NewAdditionalPKIMetadata("not_after", notAfter), + observe.NewAdditionalPKIMetadata("not_before", notBefore.Format(time.RFC3339)), + observe.NewAdditionalPKIMetadata("not_after", notAfter.Format(time.RFC3339)), observe.NewAdditionalPKIMetadata("order_id", order.OrderId), observe.NewAdditionalPKIMetadata("account_id", order.AccountId), ) diff --git a/builtin/logical/pki/path_issue_sign.go b/builtin/logical/pki/path_issue_sign.go index 300662302e..2bef8784e9 100644 --- a/builtin/logical/pki/path_issue_sign.go +++ b/builtin/logical/pki/path_issue_sign.go @@ -490,8 +490,8 @@ func (b *backend) pathIssueSignCert(ctx context.Context, req *logical.Request, d observe.NewAdditionalPKIMetadata("role_name", role.Name), observe.NewAdditionalPKIMetadata("stored", !role.NoStore), observe.NewAdditionalPKIMetadata("common_name", parsedBundle.Certificate.Subject.CommonName), - observe.NewAdditionalPKIMetadata("not_after", parsedBundle.Certificate.NotAfter.String()), - observe.NewAdditionalPKIMetadata("not_before", parsedBundle.Certificate.NotBefore.String()), + observe.NewAdditionalPKIMetadata("not_after", parsedBundle.Certificate.NotAfter.Format(time.RFC3339)), + observe.NewAdditionalPKIMetadata("not_before", parsedBundle.Certificate.NotBefore.Format(time.RFC3339)), observe.NewAdditionalPKIMetadata("subject_key_id", parsedBundle.Certificate.SubjectKeyId), observe.NewAdditionalPKIMetadata("authority_key_id", parsedBundle.Certificate.AuthorityKeyId), observe.NewAdditionalPKIMetadata("serial_number", parsedBundle.Certificate.SerialNumber.String()), diff --git a/builtin/logical/pki/path_roles.go b/builtin/logical/pki/path_roles.go index 58666ce605..0749cdb0ae 100644 --- a/builtin/logical/pki/path_roles.go +++ b/builtin/logical/pki/path_roles.go @@ -1086,7 +1086,7 @@ func (b *backend) pathRoleCreate(ctx context.Context, req *logical.Request, data observe.NewAdditionalPKIMetadata("ttl", entry.TTL.String()), observe.NewAdditionalPKIMetadata("no_store", entry.NoStore), observe.NewAdditionalPKIMetadata("not_after", entry.NotAfter), - observe.NewAdditionalPKIMetadata("not_before", entry.NotBeforeDuration.String()), + observe.NewAdditionalPKIMetadata("not_before_duration", entry.NotBeforeDuration.String()), ) return resp, nil @@ -1311,7 +1311,7 @@ func (b *backend) pathRolePatch(ctx context.Context, req *logical.Request, data observe.NewAdditionalPKIMetadata("ttl", entry.TTL.String()), observe.NewAdditionalPKIMetadata("no_store", entry.NoStore), observe.NewAdditionalPKIMetadata("not_after", entry.NotAfter), - observe.NewAdditionalPKIMetadata("not_before", entry.NotBeforeDuration.String()), + observe.NewAdditionalPKIMetadata("not_before_duration", entry.NotBeforeDuration.String()), ) return resp, nil diff --git a/builtin/logical/pki/path_root.go b/builtin/logical/pki/path_root.go index a214be07ae..a23ebac2ed 100644 --- a/builtin/logical/pki/path_root.go +++ b/builtin/logical/pki/path_root.go @@ -347,8 +347,8 @@ func (b *backend) pathCAGenerateRoot(ctx context.Context, req *logical.Request, observe.NewAdditionalPKIMetadata("authority_key_id", parsedBundle.Certificate.AuthorityKeyId), observe.NewAdditionalPKIMetadata("public_key_algorithm", parsedBundle.Certificate.PublicKeyAlgorithm.String()), observe.NewAdditionalPKIMetadata("public_key_size", certutil.GetPublicKeySize(parsedBundle.Certificate.PublicKey)), - observe.NewAdditionalPKIMetadata("not_after", parsedBundle.Certificate.NotAfter.String()), - observe.NewAdditionalPKIMetadata("not_before", parsedBundle.Certificate.NotBefore.String())) + observe.NewAdditionalPKIMetadata("not_after", parsedBundle.Certificate.NotAfter.Format(time.RFC3339)), + observe.NewAdditionalPKIMetadata("not_before", parsedBundle.Certificate.NotBefore.Format(time.RFC3339))) return resp, nil } @@ -476,8 +476,8 @@ func (b *backend) pathIssuerSignIntermediate(ctx context.Context, req *logical.R b.pkiObserver.RecordPKIObservation(ctx, req, observe.ObservationTypePKIIssuerSignIntermediate, observe.NewAdditionalPKIMetadata("issuer_name", issuerName), observe.NewAdditionalPKIMetadata("issuer_id", issuerId), - observe.NewAdditionalPKIMetadata("not_after", parsedBundle.Certificate.NotAfter.String()), - observe.NewAdditionalPKIMetadata("not_before", parsedBundle.Certificate.NotBefore.String()), + observe.NewAdditionalPKIMetadata("not_after", parsedBundle.Certificate.NotAfter.Format(time.RFC3339)), + observe.NewAdditionalPKIMetadata("not_before", parsedBundle.Certificate.NotBefore.Format(time.RFC3339)), observe.NewAdditionalPKIMetadata("common_name", parsedBundle.Certificate.Subject.CommonName), observe.NewAdditionalPKIMetadata("subject_key_id", parsedBundle.Certificate.SubjectKeyId), observe.NewAdditionalPKIMetadata("authority_key_id", parsedBundle.Certificate.AuthorityKeyId), @@ -668,8 +668,8 @@ func (b *backend) pathIssuerSignSelfIssued(ctx context.Context, req *logical.Req observe.NewAdditionalPKIMetadata("issuer_id", issuerId.String()), observe.NewAdditionalPKIMetadata("issuing_ca", signingCB.IssuingCA), observe.NewAdditionalPKIMetadata("serial_number", cert.SerialNumber), - observe.NewAdditionalPKIMetadata("not_after", cert.NotAfter.String()), - observe.NewAdditionalPKIMetadata("not_before", cert.NotBefore.String()), + observe.NewAdditionalPKIMetadata("not_after", cert.NotAfter.Format(time.RFC3339)), + observe.NewAdditionalPKIMetadata("not_before", cert.NotBefore.Format(time.RFC3339)), observe.NewAdditionalPKIMetadata("common_name", cert.Subject.CommonName), observe.NewAdditionalPKIMetadata("public_key_algorithm", cert.PublicKeyAlgorithm.String()), observe.NewAdditionalPKIMetadata("public_key_size", certutil.GetPublicKeySize(cert.PublicKey)),