CertificateExpiration fires twice for a certificate that expires

[zikato]

Steps to Reproduce

Run Invoke-DbcCheck -SqlInstance [instance] -Check CertificateExpiration on a server that has expired certificate.

Description of Bug

When a certificate is expired it fires off two failed tests:
"Database $($psitem.Database) certificate $($psitem.Name) has not expired on $($psitem.SqlInstance)"
"Database $($psitem.Database) certificate $($psitem.Name) does not expire for more than $CertificateWarning months on $($psitem.SqlInstance)"

The second check is redundant and pollutes the results.

[shaneis]

After reading the descriptions, I take back what I said; I don't think they're redundant.

• The first check is searching for certificates that are currently expired.
• The second check is searching for certificates that are not currently expired but will expire within a certain number of months.

There are a few certificates e.g. certificates to encrypt backups, that I'd like to be notified of if they are going to expire in <insert number here> of months in case they expire and my backup jobs suddenly break 😟

[zikato]

I didn't mean it that the check itself is redundant. But if you already have expired certificate, it should show up only in the Expired check, not in the expires in x months.

so add extra condition to second check that the certificate expiration > currentDatetime