Blame SOURCES/httpd-ssl-gencerts

e71654
#!/usr/bin/bash
e71654
e71654
set -e
e71654
e71654
FQDN=`hostname`
e71654
ssldotconf=/etc/httpd/conf.d/ssl.conf
e71654
e71654
if test -f /etc/pki/tls/certs/localhost.crt -a \
e71654
        -f /etc/pki/tls/private/localhost.key; then
e71654
    exit 0
e71654
fi
e71654
e71654
if test -f /etc/pki/tls/certs/localhost.crt -a \
e71654
        ! -f /etc/pki/tls/private/localhost.key; then
e71654
    echo "Missing certificate key!"
e71654
    exit 1
e71654
fi
e71654
e71654
if test ! -f /etc/pki/tls/certs/localhost.crt -a \
e71654
         -f /etc/pki/tls/private/localhost.key; then
e71654
    echo "Missing certificate, but key is present!"
e71654
    exit 1
e71654
fi
e71654
e71654
if ! test -f ${ssldotconf} || \
e71654
   ! grep -q '^SSLCertificateFile /etc/pki/tls/certs/localhost.crt' ${ssldotconf} || \
e71654
   ! grep -q '^SSLCertificateKeyFile /etc/pki/tls/private/localhost.key' ${ssldotconf}; then
e71654
    # Non-default configuration, do nothing.
e71654
    exit 0
e71654
fi
e71654
e71654
sscg -q                                                             \
e71654
     --cert-file           /etc/pki/tls/certs/localhost.crt         \
e71654
     --cert-key-file       /etc/pki/tls/private/localhost.key       \
e71654
     --ca-file             /etc/pki/tls/certs/localhost.crt         \
e71654
     --lifetime            365                                      \
e71654
     --hostname            $FQDN                                    \
e71654
     --email               root@$FQDN
e71654