diff --git a/src/config.rs b/src/config.rs
index af1ef72..935063b 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -86,7 +86,7 @@ pub struct CertConfig {
 impl CertConfig {
 pub fn filter_cert_config_items(self, valid_days: i32) -> Self {
- let mut cert_items = vec![];
+ let mut filtered_cert_items = vec![];
 let valid_days_secs = valid_days as i64 * 24 * 3600;
 let secs_from_unix_epoch = SystemTime::now().duration_since(SystemTime::UNIX_EPOCH).unwrap().as_secs() as i64;
@@ -102,7 +102,7 @@ impl CertConfig {
 warning!("Certificate: {} is valid: {} days", item.path, (x509_certificate.certificate_not_after - secs_from_unix_epoch)/valid_days_secs );
- cert_items.push(item2);
+ filtered_cert_items.push(item2);
 }
 }
 Ok(None) => {
@@ -110,13 +110,13 @@ impl CertConfig {
 information!("Create path: {}", item.path);
 fs::create_dir_all(&item.path).ok();
 }
- cert_items.push(item2);
+ filtered_cert_items.push(item2);
 }
 Err(e) => warning!("Certificate: {}, parse error: {}", item.path, e),
 }
 }
- Self { cert_items }
+ Self { cert_items: filtered_cert_items }
 }
 pub fn load(config_fn: &str) -> XResult {
@@ -128,12 +128,12 @@ impl CertConfig {
 impl CertConfigItem {
 pub fn fill_dns_names(&mut self) -> XResult> {
+ if self.path.is_empty() {
+ return simple_error!("Cert config item path is empty");
+ }
+ let path_buff = opt_result!(PathBuf::from_str(&self.path), "Path: {}, failed: {}", self.path);
+ let cert_path_buff = path_buff.join(CERT_NAME);
 if self.common_name.is_none() || self.dns_names.is_none() {
- if self.path.is_empty() {
- return simple_error!("Cert config item common name and path both empty");
- }
- let path_buff = opt_result!(PathBuf::from_str(&self.path), "Path: {}, failed: {}", self.path);
- let cert_path_buff = path_buff.join(CERT_NAME);
 let pem = opt_result!(fs::read_to_string(cert_path_buff.clone()), "Read file: {:?}, failed: {}", cert_path_buff);
 let x509_certificate = opt_result!(x509::parse_x509(&format!("{}/{}", self.path, CERT_NAME), &pem), "Parse x509: {}/{}, faield: {}", self.path, CERT_NAME);
 self.common_name = Some(x509_certificate.common_name.clone());
@@ -142,9 +142,6 @@ impl CertConfigItem {
 self.public_key_algo = Some(x509_certificate.public_key_algo.clone());
 Ok(Some(x509_certificate))
 } else {
- if self.path.is_empty() {
- return simple_error!("Cert config item path is empty");
- }
 if self.public_key_algo.is_none() {
 self.public_key_algo = match &self.algo {
 None => Some(X509PublicKeyAlgo::Rsa(2048)),
@@ -157,7 +154,13 @@ impl CertConfigItem {
 },
 };
 }
- Ok(None)
+ if cert_path_buff.exists() {
+ let pem = opt_result!(fs::read_to_string(cert_path_buff.clone()), "Read file: {:?}, failed: {}", cert_path_buff);
+ let x509_certificate = opt_result!(x509::parse_x509(&format!("{}/{}", self.path, CERT_NAME), &pem), "Parse x509: {}/{}, faield: {}", self.path, CERT_NAME);
+ Ok(Some(x509_certificate))
+ } else {
+ Ok(None)
+ }
 }
 }
 }
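Review bot: `PathBuf::from_str` has `Infallible` as its error type, so the `opt_result!` around it on the added `path_buff` line of the `@@ -128,12 +128,12 @@` hunk guards a failure that cannot occur and its "Path: {}, failed: {}" message is never produced; `let cert_path_buff = PathBuf::from(&self.path).join(CERT_NAME);` replaces both added `let` lines. The emptiness test is now the only validation `self.path` gets before it is joined with `CERT_NAME` and read, so a relative value resolves against the working directory of the process. If the config file can be written by anyone less trusted than the operator running the tool, requiring an absolute path at this point would be worth adding. `fill_dns_names` continues past the end of this hunk.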
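Review bot: `cert_path_buff.exists()` in the `@@ -157,7 +154,13 @@` hunk returns false for a permission error or a dangling symlink as well as for a missing file, so an existing but unreadable certificate comes back as `Ok(None)`. The `Ok(None)` arm of `filter_cert_config_items` earlier in this diff appears to treat that as an item whose directory should be created, not as an error. Reading the file directly and mapping only `ErrorKind::NotFound` to `Ok(None)` removes that ambiguity and the gap between the check and the read. The read-and-parse pair is also a copy of the one in the first branch, including the "faield" typo in its message, and could become a small private helper. The function starts before this hunk.

```rust
// … unchanged: public_key_algo defaulting …
match fs::read_to_string(&cert_path_buff) {
    // Only a missing file means "no certificate yet"; every other I/O error is reported.
    Err(e) if e.kind() == std::io::ErrorKind::NotFound => Ok(None),
    read_result => {
        let pem = opt_result!(read_result, "Read file: {:?}, failed: {}", cert_path_buff);
        // … unchanged: parse_x509 call producing x509_certificate …
        Ok(Some(x509_certificate))
    }
}
```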