From 03f1098961e7cd0a5a3b7d93ca59f9176b7f63ac Mon Sep 17 00:00:00 2001
From: CoprDistGit <infra@openeuler.org>
Date: Mon, 5 Aug 2024 02:42:43 +0000
Subject: automatic import of httpd

---
 httpd-ssl-gencerts | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)
 create mode 100755 httpd-ssl-gencerts

(limited to 'httpd-ssl-gencerts')

diff --git a/httpd-ssl-gencerts b/httpd-ssl-gencerts
new file mode 100755
index 0000000..5c271f7
--- /dev/null
+++ b/httpd-ssl-gencerts
@@ -0,0 +1,40 @@
+#!/usr/bin/bash
+
+set -e
+
+FQDN=`hostname`
+ssldotconf=/etc/httpd/conf.d/ssl.conf
+
+if test -f /etc/pki/tls/certs/localhost.crt -a \
+        -f /etc/pki/tls/private/localhost.key; then
+    exit 0
+fi
+
+if test -f /etc/pki/tls/certs/localhost.crt -a \
+        ! -f /etc/pki/tls/private/localhost.key; then
+    echo "Missing certificate key!"
+    exit 1
+fi
+
+if test ! -f /etc/pki/tls/certs/localhost.crt -a \
+         -f /etc/pki/tls/private/localhost.key; then
+    echo "Missing certificate, but key is present!"
+    exit 1
+fi
+
+if ! test -f ${ssldotconf} || \
+   ! grep -q '^SSLCertificateFile /etc/pki/tls/certs/localhost.crt' ${ssldotconf} || \
+   ! grep -q '^SSLCertificateKeyFile /etc/pki/tls/private/localhost.key' ${ssldotconf}; then
+    # Non-default configuration, do nothing.
+    exit 0
+fi
+
+sscg -q                                                             \
+     --cert-file           /etc/pki/tls/certs/localhost.crt         \
+     --cert-key-file       /etc/pki/tls/private/localhost.key       \
+     --ca-file             /etc/pki/tls/certs/localhost.crt         \
+     --dhparams-file       /tmp/dhparams.pem                        \
+     --lifetime            365                                      \
+     --hostname            $FQDN                                    \
+     --email               root@$FQDN
+
-- 
cgit v1.2.3