diff options
-rwxr-xr-x | generate-and-upload-self-signed-keys.in | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/generate-and-upload-self-signed-keys.in b/generate-and-upload-self-signed-keys.in index 20423b3..951bf72 100755 --- a/generate-and-upload-self-signed-keys.in +++ b/generate-and-upload-self-signed-keys.in @@ -46,6 +46,12 @@ if [ "$(whoami)" = 'root' ]; then for host_key_file in ${host_key_files}; do if [ -f "${key_dir}/${host_key_file}.key.pem.new" ] \ && [ -f "${key_dir}/${host_key_file}.cert.pem.new" ]; then + if [ "$(stat -c%Y "${key_dir}/${host_key_file}.key.pem.new")" -ge "$(($(date +%s)-60*60*24*30))" ] \ + && [ -f "${key_dir}/${host_key_file}.key.pem" ] \ + && [ "$(stat -c%Y "${key_dir}/${host_key_file}.cert.pem.new")" -ge "$(($(date +%s)-60*60*24*30))" ] \ + && [ -f "${key_dir}/${host_key_file}.cert.pem" ]; then + continue + fi mv "${key_dir}/${host_key_file}.key.pem"{.new,} mv "${key_dir}/${host_key_file}.cert.pem"{.new,} updated_something=true @@ -64,6 +70,10 @@ fi printf '%s\n' "${hosts}" \ | while read -r host other_hosts; do + if [ -f "${key_dir}/${host}.key.pem.new" ] \ + && [ -f "${key_dir}/${host}.cert.pem.new" ]; then + continue + fi openssl req -x509 -newkey rsa:4096 \ -keyout "${key_dir}/${host}.key.pem.new" \ -out "${key_dir}/${host}.cert.pem.new" \ |