automatic import of httpd

1 files changed, 39 insertions, 0 deletions

diff --git a/httpd-ssl-gencerts b/httpd-ssl-gencerts
new file mode 100644
index 0000000..350f5b5
--- /dev/null
+++ b/httpd-ssl-gencerts
@@ -0,0 +1,39 @@
+#!/usr/bin/bash
+
+set -e
+
+FQDN=`hostname`
+ssldotconf=/etc/httpd/conf.d/ssl.conf
+
+if test -f /etc/pki/tls/certs/localhost.crt -a \
+        -f /etc/pki/tls/private/localhost.key; then
+    exit 0
+fi
+
+if test -f /etc/pki/tls/certs/localhost.crt -a \
+        ! -f /etc/pki/tls/private/localhost.key; then
+    echo "Missing certificate key!"
+    exit 1
+fi
+
+if test ! -f /etc/pki/tls/certs/localhost.crt -a \
+         -f /etc/pki/tls/private/localhost.key; then
+    echo "Missing certificate, but key is present!"
+    exit 1
+fi
+
+if ! test -f ${ssldotconf} || \
+   ! grep -q '^SSLCertificateFile /etc/pki/tls/certs/localhost.crt' ${ssldotconf} || \
+   ! grep -q '^SSLCertificateKeyFile /etc/pki/tls/private/localhost.key' ${ssldotconf}; then
+    # Non-default configuration, do nothing.
+    exit 0
+fi
+
+sscg -q                                                             \
+     --cert-file           /etc/pki/tls/certs/localhost.crt         \
+     --cert-key-file       /etc/pki/tls/private/localhost.key       \
+     --ca-file             /etc/pki/tls/certs/localhost.crt         \
+     --lifetime            365                                      \
+     --hostname            $FQDN                                    \
+     --email               root@$FQDN
+