| #!/usr/bin/bash |
| |
| set -e |
| |
| FQDN=`hostname` |
| ssldotconf=/etc/httpd/conf.d/ssl.conf |
| |
| if test -f /etc/pki/tls/certs/localhost.crt -a \ |
| -f /etc/pki/tls/private/localhost.key; then |
| exit 0 |
| fi |
| |
| if test -f /etc/pki/tls/certs/localhost.crt -a \ |
| ! -f /etc/pki/tls/private/localhost.key; then |
| echo "Missing certificate key!" |
| exit 1 |
| fi |
| |
| if test ! -f /etc/pki/tls/certs/localhost.crt -a \ |
| -f /etc/pki/tls/private/localhost.key; then |
| echo "Missing certificate, but key is present!" |
| exit 1 |
| fi |
| |
| if ! test -f ${ssldotconf} || \ |
| ! grep -q '^SSLCertificateFile /etc/pki/tls/certs/localhost.crt' ${ssldotconf} || \ |
| ! grep -q '^SSLCertificateKeyFile /etc/pki/tls/private/localhost.key' ${ssldotconf}; then |
| # Non-default configuration, do nothing. |
| exit 0 |
| fi |
| |
| sscg -q \ |
| --cert-file /etc/pki/tls/certs/localhost.crt \ |
| --cert-key-file /etc/pki/tls/private/localhost.key \ |
| --ca-file /etc/pki/tls/certs/localhost.crt \ |
| --lifetime 365 \ |
| --hostname $FQDN \ |
| --email root@$FQDN |
| |