576df0
#!/usr/bin/bash
576df0
576df0
set -e
576df0
576df0
FQDN=`hostname`
576df0
ssldotconf=/etc/httpd/conf.d/ssl.conf
576df0
576df0
if test -f /etc/pki/tls/certs/localhost.crt -a \
576df0
        -f /etc/pki/tls/private/localhost.key; then
576df0
    exit 0
576df0
fi
576df0
576df0
if test -f /etc/pki/tls/certs/localhost.crt -a \
576df0
        ! -f /etc/pki/tls/private/localhost.key; then
576df0
    echo "Missing certificate key!"
576df0
    exit 1
576df0
fi
576df0
576df0
if test ! -f /etc/pki/tls/certs/localhost.crt -a \
576df0
         -f /etc/pki/tls/private/localhost.key; then
576df0
    echo "Missing certificate, but key is present!"
576df0
    exit 1
576df0
fi
576df0
576df0
if ! test -f ${ssldotconf} || \
576df0
   ! grep -q '^SSLCertificateFile /etc/pki/tls/certs/localhost.crt' ${ssldotconf} || \
576df0
   ! grep -q '^SSLCertificateKeyFile /etc/pki/tls/private/localhost.key' ${ssldotconf}; then
576df0
    # Non-default configuration, do nothing.
576df0
    exit 0
576df0
fi
576df0
576df0
sscg -q                                                             \
576df0
     --cert-file           /etc/pki/tls/certs/localhost.crt         \
576df0
     --cert-key-file       /etc/pki/tls/private/localhost.key       \
576df0
     --ca-file             /etc/pki/tls/certs/localhost.crt         \
576df0
     --lifetime            365                                      \
576df0
     --hostname            $FQDN                                    \
576df0
     --email               root@$FQDN
576df0