#!/bin/sh
# create Certificate
#

CertName=$1
CertPath=$2

IP=`ping $HOSTNAME -c 1 -q | egrep -o '([0-9]{1,3}\.){3}[0-9]{1,3}' | egrep -v '255|(127\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})'`
pushd .

cd /var/tmp
if [ "!$IP" = "!" ]; then
   IP="127.0.0.1"
fi

RANGE=2048

RNDVAL=$RANDOM
let "RNDVAL %= $RANGE"

SUBJ=`echo "/O=Intel/OU=Server Management/CN=$IP"`


openssl genrsa -out $CertName.key 2048 -sha1 1>&2 2>/dev/null
openssl req -set_serial $RNDVAL -new -nodes -key $CertName.key -out request.pem -subj "$SUBJ" 1>&2 2>/dev/null
openssl x509 -set_serial $RNDVAL -req -days 760 -sha1 -in request.pem -signkey $CertName.key -out $CertName.crt 1>&2 2>/dev/null

#openssl req -new -x509 -days 760 -sha1 -newkey rsa:2048 -set_serial $RNDVAL -nodes -keyout $CertName.key -out $CertName.crt -subj "$SUBJ"

cat $CertName.crt > $CertName.pem
cat $CertName.key >> $CertName.pem
chmod 644 $CertName.crt
chmod 600 $CertName.pem
mv -f $CertName.crt $CertPath/.
mv -f $CertName.pem $CertPath/.
rm -rf $CertName.key
rm -rf request.pem

popd
