#!/bin/bash
set -e
cd -- $( dirname -- "${BASH_SOURCE[0]}" )

ORG="Hochschule Augsburg"
PROJ="TSGRain"

BASE_DEV="$(pwd)/dev"
export OPENSSL_CONF=$(pwd)/openssl.cnf

if [ -e $BASE_DEV ]; then
    echo "CA already exists, creating new certificate"
    cd $BASE_DEV
else
    echo "Creating new CA"

    mkdir -p $BASE_DEV/{private,certs}
    touch $BASE_DEV/index.txt
    echo 00 > $BASE_DEV/serial
    cd $BASE_DEV

    echo "Development CA"
    openssl req -newkey rsa -keyout private/ca.key.pem -out ca.csr.pem -subj "/O=$ORG/CN=$PROJ Development CA"
    openssl ca -batch -selfsign -extensions v3_ca -in ca.csr.pem -out ca.cert.pem -keyfile private/ca.key.pem
fi

SN=$(cat serial)

echo "Development Signing Keys 1"
openssl req -newkey rsa -keyout private/development-$SN.key.pem -out development-$SN.csr.pem -subj "/O=$ORG/CN=$PROJ Development-$SN"
openssl ca -batch -extensions v3_leaf -in development-$SN.csr.pem -out development-$SN.cert.pem