#!/usr/bin/env bash


DOMAIN_NAME="$DOMAIN}"
DAYS_VALID=3650

CERT="0"
KEY="0"

CERT_FILE="/etc/ssl/certs/self-signed.crt"
KEY_FILE="/etc/ssl/private/self-signed.key"

stat "${CERT_FILE}"
if [ "$?" -eq "0" ];then
	CERT="1"
fi

stat "${KEY_FILE}"
if [ "$?" -eq "0" ];then
	KEY="1"
fi

if [[ "${KEY}" -eq "0" || "${CERT}" -eq "0" ]];then

echo "Creating self-signed certificate valid for ${DAYS_VALID} days for domain ${DOMAIN_NAME}" && \
    openssl \
    req -x509 \
    -nodes \
    -subj "/CN=${DOMAIN_NAME}" \
    -addext "subjectAltName=DNS:${DOMAIN_NAME}" \
    -days ${DAYS_VALID} \
    -newkey rsa:4096 -keyout "${KEY_FILE}" \
    -out "${CERT_FILE}"
else
	echo "Certificate and key already exist"
	# verify that they both are OK
fi