From 573442dbd295e95e90f0320e7b2963ddd51d9118 Mon Sep 17 00:00:00 2001
From: Rodolphe Breard <rodolphe@what.tf>
Date: Tue, 25 Aug 2020 20:08:58 +0200
Subject: [PATCH] Improve the logging of the renewal decision

---
 acmed/src/certificate.rs | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/acmed/src/certificate.rs b/acmed/src/certificate.rs
index a869e22..96233b0 100644
--- a/acmed/src/certificate.rs
+++ b/acmed/src/certificate.rs
@@ -107,8 +107,9 @@ impl Certificate {
     fn is_expiring(&self, cert: &X509Certificate) -> Result<bool, Error> {
         let expires_in = cert.expires_in()?;
         self.debug(&format!(
-            "Certificate expires in {} days",
-            expires_in.as_secs() / 86400
+            "Certificate expires in {} days ({} days delay)",
+            expires_in.as_secs() / 86400,
+            self.renew_delay.as_secs() / 86400,
         ));
         Ok(expires_in <= self.renew_delay)
     }
@@ -155,8 +156,15 @@ impl Certificate {
         }
         let cert = get_certificate(&self)?;
 
-        let renew = self.has_missing_identifiers(&cert);
-        let renew = renew || self.is_expiring(&cert)?;
+        let renew_ident = self.has_missing_identifiers(&cert);
+        if renew_ident {
+            self.debug("The current certificate doesn't include all the required identifiers.");
+        }
+        let renew_exp = self.is_expiring(&cert)?;
+        if renew_exp {
+            self.debug("The certificate is expiring.");
+        }
+        let renew = renew_ident || renew_exp;
 
         if renew {
             self.debug("The certificate will be renewed now");