You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
40 lines
1.3 KiB
40 lines
1.3 KiB
#!/usr/bin/bash |
|
|
|
set -e |
|
|
|
FQDN=`hostname` |
|
ssldotconf=/etc/httpd/conf.d/ssl.conf |
|
|
|
if test -f /etc/pki/tls/certs/localhost.crt -a \ |
|
-f /etc/pki/tls/private/localhost.key; then |
|
exit 0 |
|
fi |
|
|
|
if test -f /etc/pki/tls/certs/localhost.crt -a \ |
|
! -f /etc/pki/tls/private/localhost.key; then |
|
echo "Missing certificate key!" |
|
exit 1 |
|
fi |
|
|
|
if test ! -f /etc/pki/tls/certs/localhost.crt -a \ |
|
-f /etc/pki/tls/private/localhost.key; then |
|
echo "Missing certificate, but key is present!" |
|
exit 1 |
|
fi |
|
|
|
if ! test -f ${ssldotconf} || \ |
|
! grep -q '^SSLCertificateFile /etc/pki/tls/certs/localhost.crt' ${ssldotconf} || \ |
|
! grep -q '^SSLCertificateKeyFile /etc/pki/tls/private/localhost.key' ${ssldotconf}; then |
|
# Non-default configuration, do nothing. |
|
exit 0 |
|
fi |
|
|
|
sscg -q \ |
|
--cert-file /etc/pki/tls/certs/localhost.crt \ |
|
--cert-key-file /etc/pki/tls/private/localhost.key \ |
|
--ca-file /etc/pki/tls/certs/localhost.crt \ |
|
--dhparams-file /tmp/dhparams.pem \ |
|
--lifetime 365 \ |
|
--hostname $FQDN \ |
|
--email root@$FQDN |
|
|
|
|