Blame SPECS/httpd-ssl-gencerts
|
Packit |
718f12 |
#!/usr/bin/bash
|
|
Packit |
718f12 |
|
|
Packit |
718f12 |
set -e
|
|
Packit |
718f12 |
|
|
Packit |
718f12 |
FQDN=`hostname`
|
|
Packit |
718f12 |
ssldotconf=/etc/httpd/conf.d/ssl.conf
|
|
Packit |
718f12 |
|
|
Packit |
718f12 |
if test -f /etc/pki/tls/certs/localhost.crt -a \
|
|
Packit |
718f12 |
-f /etc/pki/tls/private/localhost.key; then
|
|
Packit |
718f12 |
exit 0
|
|
Packit |
718f12 |
fi
|
|
Packit |
718f12 |
|
|
Packit |
718f12 |
if test -f /etc/pki/tls/certs/localhost.crt -a \
|
|
Packit |
718f12 |
! -f /etc/pki/tls/private/localhost.key; then
|
|
Packit |
718f12 |
echo "Missing certificate key!"
|
|
Packit |
718f12 |
exit 1
|
|
Packit |
718f12 |
fi
|
|
Packit |
718f12 |
|
|
Packit |
718f12 |
if test ! -f /etc/pki/tls/certs/localhost.crt -a \
|
|
Packit |
718f12 |
-f /etc/pki/tls/private/localhost.key; then
|
|
Packit |
718f12 |
echo "Missing certificate, but key is present!"
|
|
Packit |
718f12 |
exit 1
|
|
Packit |
718f12 |
fi
|
|
Packit |
718f12 |
|
|
Packit |
718f12 |
if ! test -f ${ssldotconf} || \
|
|
Packit |
718f12 |
! grep -q '^SSLCertificateFile /etc/pki/tls/certs/localhost.crt' ${ssldotconf} || \
|
|
Packit |
718f12 |
! grep -q '^SSLCertificateKeyFile /etc/pki/tls/private/localhost.key' ${ssldotconf}; then
|
|
Packit |
718f12 |
# Non-default configuration, do nothing.
|
|
Packit |
718f12 |
exit 0
|
|
Packit |
718f12 |
fi
|
|
Packit |
718f12 |
|
|
Packit |
718f12 |
sscg -q \
|
|
Packit |
718f12 |
--cert-file /etc/pki/tls/certs/localhost.crt \
|
|
Packit |
718f12 |
--cert-key-file /etc/pki/tls/private/localhost.key \
|
|
Packit |
718f12 |
--ca-file /etc/pki/tls/certs/localhost.crt \
|
|
Packit |
718f12 |
--lifetime 365 \
|
|
Packit |
718f12 |
--hostname $FQDN \
|
|
Packit |
718f12 |
--email root@$FQDN
|
|
Packit |
718f12 |
|