#!/bin/bash

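# Base directory for generated key material; the generator functions write
# into its ss_wc/ subdirectory.
CERTDIR=/etc/ssl/sys

# Site configuration file; it is expected to define at least $domain.
CNF=/etc/sys-ssl.conf

# The configuration is sourced, i.e. executed as shell code with the
# privileges of this script. It should therefore be owned by, and writable
# only by, the account that runs the script. Because it is sourced after the
# assignment above, it can also override CERTDIR.
if [[ -f "$CNF" ]]; then
	# shellcheck source=/dev/null
	. "$CNF"
else
	# Diagnostics go to stderr so they are not mixed into captured stdout.
	echo "ERROR: $CNF not found" >&2
	exit 11
fi

# Every later path and certificate subject is derived from $domain, so refuse
# to continue without it.
if [[ -z "$domain" ]]; then
	echo "ERROR: no primary domain defined" >&2
	exit 11
fi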

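#######################################
# Generate a self-signed wildcard certificate for *.${domain}, unless both
# the certificate and its private key already exist.
# Globals:   CERTDIR (read), domain (read)
# Arguments: none
# Outputs:   progress message on stdout; openssl writes its own diagnostics
# Returns:   0 if the pair already exists or was generated, otherwise the
#            status of the step that failed
#######################################
function gen_ss_wc()
{
	local fn_key="${CERTDIR}/ss_wc/${domain}-key.pem"
	local fn_cert="${CERTDIR}/ss_wc/${domain}-cert.pem"
	local fn_csr="${CERTDIR}/ss_wc/${domain}.csr"
	local subj old_umask rc

	# Nothing to do while both halves of the pair are present.
	if [[ -f "$fn_cert" && -f "$fn_key" ]]; then
		return 0
	fi

	echo "Generating self signed wildcard cert for ${domain}"

	# NOTE(review): $domain is interpolated into the subject as-is; a value
	# containing '/' would be parsed by openssl as further subject fields.
	subj="/C=EU/ST=Europe/O=${domain}_ssl/CN=*.${domain}"

	# Create the private key under a restrictive umask so it is never
	# group/world readable, whatever umask the caller runs with. Only the key
	# step is restricted; the CSR and certificate keep the caller's umask.
	old_umask=$(umask)
	umask 077
	openssl genrsa -out "$fn_key" 2048
	rc=$?
	umask "$old_umask"
	if [[ $rc -ne 0 ]]; then
		return "$rc"
	fi
	# A key file left over from an earlier run keeps its old mode when it is
	# overwritten, so set the mode explicitly as well.
	chmod 600 -- "$fn_key" || return

	openssl req -new -subj "$subj" -key "$fn_key" -out "$fn_csr" || return

	# NOTE(review): 36500 days is roughly 100 years, and a self-signed
	# certificate cannot be revoked by a CA; rotating it means replacing these
	# files. No subjectAltName is added either, so clients that match host
	# names only against SAN entries will not accept it for *.${domain}.
	openssl x509 -req -days 36500 -in "$fn_csr" -signkey "$fn_key" -out "$fn_cert"
}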

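#######################################
# Generate the self-signed "default" certificate (subject CN=*, marked
# NO_SSL), unless both the certificate and its private key already exist.
# Globals:   CERTDIR (read)
# Arguments: none
# Outputs:   progress message on stdout; openssl writes its own diagnostics
# Returns:   0 if the pair already exists or was generated, otherwise the
#            status of the step that failed
#######################################
function gen_ss_default()
{
	local fn_key="${CERTDIR}/ss_wc/default-key.pem"
	local fn_cert="${CERTDIR}/ss_wc/default-cert.pem"
	local fn_csr="${CERTDIR}/ss_wc/default.csr"
	local subj old_umask rc

	# Nothing to do while both halves of the pair are present.
	if [[ -f "$fn_cert" && -f "$fn_key" ]]; then
		return 0
	fi

	echo "Generating self signed default wildcard cert for *"
	# NOTE(review): presumably a placeholder served for hosts that have no
	# certificate of their own — confirm against the server configuration.
	subj="/C=EU/ST=Europe/L=NO_SSL/O=NO_SSL/OU=NO_SSL/CN=*"

	# Create the private key under a restrictive umask so it is never
	# group/world readable, whatever umask the caller runs with. Only the key
	# step is restricted; the CSR and certificate keep the caller's umask.
	old_umask=$(umask)
	umask 077
	openssl genrsa -out "$fn_key" 2048
	rc=$?
	umask "$old_umask"
	if [[ $rc -ne 0 ]]; then
		return "$rc"
	fi
	# A key file left over from an earlier run keeps its old mode when it is
	# overwritten, so set the mode explicitly as well.
	chmod 600 -- "$fn_key" || return

	openssl req -new -subj "$subj" -key "$fn_key" -out "$fn_csr" || return

	# NOTE(review): 36500 days is roughly 100 years, and a self-signed
	# certificate cannot be revoked by a CA; rotating it means replacing
	# these files.
	openssl x509 -req -days 36500 -in "$fn_csr" -signkey "$fn_key" -out "$fn_cert"
}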

# Run the generators in order: the default certificate first, then the
# wildcard certificate for the configured domain.
# NOTE(review): the script exits 0 unconditionally, so a failed generation is
# not visible to whatever invoked it.
for generator in gen_ss_default gen_ss_wc; do
	"$generator"
done

exit 0
