From 2038991f8c6d3db4a8f650195538a66a41f9f751 Mon Sep 17 00:00:00 2001
From: Stephen Gallagher
Date: Fri, 22 Sep 2017 10:29:43 -0400
Subject: [PATCH] Handle edge-cases in gencerts

Make sure that we exit with success if the files already exist and that we exit with failure and a message if only one or the other is present.
---
 httpd-ssl-gencerts | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/httpd-ssl-gencerts b/httpd-ssl-gencerts
index 371a838..22aece4 100755
--- a/httpd-ssl-gencerts
+++ b/httpd-ssl-gencerts
@@ -4,11 +4,24 @@ set -e

 FQDN=`hostname`

-if test -f /etc/pki/tls/certs/localhost.crt -o \
+if test -f /etc/pki/tls/certs/localhost.crt -a \
 -f /etc/pki/tls/private/localhost.key; then
+ exit 0
+fi
+
+if test -f /etc/pki/tls/certs/localhost.crt -a \
+ ! -f /etc/pki/tls/private/localhost.key; then
+ echo "Missing certificate key!"
 exit 1
 fi

+if test ! -f /etc/pki/tls/certs/localhost.crt -a \
+ -f /etc/pki/tls/private/localhost.key; then
+ echo "Missing certificate, but key is present!"
+ exit 1
+fi
+
+
 sscg -q \
 --cert-file /etc/pki/tls/certs/localhost.crt \
 --cert-key-file /etc/pki/tls/private/localhost.key \
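Review bot: Both new failure branches print their message with plain `echo`, so the diagnostic goes to stdout and never says which path is missing; I would write `echo "Missing private key /etc/pki/tls/private/localhost.key" >&2` and `echo "Missing certificate /etc/pki/tls/certs/localhost.crt, but key is present" >&2`. Separately, the early `exit 0` relies on `test -f`, which is also true for an empty or truncated file, so a partially written pair is reported as success and the problem only surfaces when the files are loaded. `test -s` on both paths would at least reject zero-length files, though the two later branches would then have to treat an empty file as an error too. Nothing in the hunk checks that the key matches the certificate or that the key's mode is restrictive; if that is deliberate for administrator-provided files, a comment above the first `if` such as `# Existing pair is trusted as-is: only presence is checked, not content or permissions` would make it explicit.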