#!/bin/sh

sysconfdir=/etc/hspc/hspc-plugin-rpc

mkdir -p $sysconfdir/certs

if [ ! -f $sysconfdir/certs/server-key.pem ] ; then
	openssl genrsa -rand /proc/apm:/proc/cpuinfo:/proc/dma:/proc/filesystems:/proc/interrupts:/proc/ioports:/proc/pci:/proc/rtc:/proc/uptime 2048 > $sysconfdir/certs/server-key.pem 2> /dev/null
fi

FQDN=`hostname -f`

if [ "x${FQDN}" = "x" ]; then
   FQDN=localhost.localdomain
fi

if [ ! -f $sysconfdir/certs/server-cert.pem ] ; then
cat << EOF | openssl req -new -key ${sysconfdir}/certs/server-key.pem -x509 -days 365 -out ${sysconfdir}/certs/server-cert.pem 2>/dev/null
--
SomeState
SomeCity
SomeOrganization
SomeOrganizationalUnit
${FQDN}
root@${FQDN}
EOF
fi

rm -f $sysconfdir/certs/server.pem 2>/dev/null
> $sysconfdir/certs/server.pem

chmod 0744 $sysconfdir/certs/server.pem
chmod 0744 $sysconfdir/certs/server-key.pem
chmod 0744 $sysconfdir/certs/server-cert.pem

cat $sysconfdir/certs/server-key.pem > $sysconfdir/certs/server.pem
echo >> $sysconfdir/certs/server.pem
echo >> $sysconfdir/certs/server.pem
cat $sysconfdir/certs/server-cert.pem >> $sysconfdir/certs/server.pem

chmod 0600 $sysconfdir/certs/server.pem
chmod 0600 $sysconfdir/certs/server-key.pem
chmod 0600 $sysconfdir/certs/server-cert.pem

true
