#! /bin/sh

apa=/etc/apache
support=/usr/lib/apache
PATH=$PATH:/usr/bin/ssl

makecert()
{
	echo "What type of certificate do you want to create ?"
	echo
	echo "1. dummy    (dummy self-signed Snake Oil cert)"
	echo "2. test     (test cert signed by Snake Oil CA)"
	echo "3. custom   (custom cert signed by own CA)"
	echo "4. existing (existing cert)"
	echo
	echo "Use dummy    when you're a  vendor package maintainer,"
	echo "    test     when you're an admin but want to do tests only,"
	echo "    custom   when you're an admin willing to run a real server"
	echo "and existing when you're an admin who upgrades a server."
	echo
	echo "Normally you'd use \"test\" (2)"
	echo
	echo -n "> "
	TYPE=""
	while read ans
	do
		case "$ans" in
			1) TYPE=dummy ;;
			2) TYPE=test ;;
			3) TYPE=custom ;;
			4) TYPE=existing ;;
		esac
		[ "$TYPE" ] && break
		echo -n "> "
	done

	$support/mkcert.sh make "" openssl $support $TYPE RSA "" "" "" /etc/apache
}

overwrite()
{
	seen=
	for i in crt csr key prm
	do
		[ ! -f $apa/ssl.$i/$1.$i ] && continue
		echo "$apa/ssl.$i/$1.$i: already present"
		seen=yes
	done
	[ ! "$seen" ] && return 0

	echo
	if [ "$1" = server ]
	then
		line=""
	else
		line="for $1"
	fi

	echo -n "Do you really want to overwrite the existing "
	echo -n "certificate $line? [y/N]: "
	read ans
	case "$ans" in
		y*|Y*)
			ret=0
			;;
		*)
			ret=1
			echo
			;;
	esac

	return $ret
}

askwhere()
{
	echo
	echo "Enter the name for this certificate. The files will get"
	echo "stored as /etc/apache/ssl.{crt,csr,key}/server.{crt,csr,key}."
	echo "The default is \"server\"".
	echo
	done=
	while [ ! "$done" ]
	do
		echo -n "certificate name [server]> "
		read name
		[ "$name" = "" ] && name=server
		echo
		overwrite $name && break
	done
}

#askwhere
overwrite server || exit 1
makecert

