#!/bin/sh

ssldir=/etc/ssl/apache2
sslkey=$ssldir/server.key
sslcert=$ssldir/server.pem

umask 077

[ -f $sslkey ] || openssl genrsa 2048 > $sslkey 2>/dev/null

FQDN=`hostname -f`
if [ "x${FQDN}" = "x" ]; then
	FQDN=localhost.localdomain
fi

if [ ! -f ${sslcert} ] ; then
cat << EOF | openssl req -new -key ${sslkey} \
         -x509 -days 365 -set_serial $RANDOM \
         -out ${sslcert} 2>/dev/null
--
SomeState
SomeCity
SomeOrganization
SomeOrganizationalUnit
${FQDN}
root@${FQDN}
EOF
fi