#! /bin/sh



PATH="$PATH:/usr/local/bin:/usr/bin:/usr/local/fireball:/usr/local/ssl/bin"
export PATH


if [[ ! -d /etc/sysconfig/ssl ]]
then
    mkdir -p -m 755 /etc/sysconfig/ssl
fi


if [[ ! -f /etc/sysconfig/sslCert.conf ]]
then
  cp /usr/local/fireball/defaults/sysconfig/sslCert.conf \
     /etc/sysconfig/sslCert.conf
  rm /etc/sysconfig/ssl/fb_priv.key
  rm /etc/sysconfig/ssl/fb_cert.crt
fi


if [[  ! -s /etc/sysconfig/ssl/fb_priv.key
    || ! -s /etc/sysconfig/ssl/fb_cert.crt
   ]]
then

    serialNum=$(warranty -s)     # Fetch serial number.
    serialNum=${serialNum#* }    # Drop all but the number itself.

    export RANDFILE=/etc/sysconfig/ssl/rnd

    result=$(openssl req -new -days 10000 -x509 -set_serial "$serialNum" \
        -newkey rsa:512 -nodes -keyout /etc/sysconfig/ssl/fb_priv.key \
        -config /etc/sysconfig/sslCert.conf \
        -out /etc/sysconfig/ssl/fb_cert.crt 2>&1)

    logger -t makeSSLCert -- "$result"

    if [ -s /var/run/httpd.pid ]
    then
      kill $(</var/run/httpd.pid)
    fi

fi

if [[ -s /etc/sysconfig/ssl/fb_priv.key
   && -s /etc/sysconfig/ssl/fb_cert.crt
   ]]
then
    exit 0    # Indicate success
else
    echo "Unable to create SSL Key & Certificate"
    exit 1    # Indicate failure
fi


