From 567879616fef806f6fdd0e6733b1647197b1f821 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=B4me=20Schneider?= <jschneider@entrouvert.com>
Date: Wed, 29 Oct 2014 18:40:36 +0100
Subject: [PATCH] postinst: add certificates generation

---
 postinst | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/postinst b/postinst
index 5510398..8cbf569 100644
--- a/postinst
+++ b/postinst
@@ -26,6 +26,16 @@ case "$1" in
             echo "..done"
         fi
 
+        if [ ! -f /etc/$NAME/certs/saml.crt -a ! -f /etc/$NAME/certs/saml.key ]; then
+            echo -n "Generating key material..." >&2
+            openssl genpkey -algorithm rsa -pkeyopt rsa_keygen_bits:2048 -out /etc/$NAME/certs/saml.key >&2
+            openssl req -x509 -new -out /etc/$NAME/certs/saml.crt -subj '/CN=whocares' -key /etc/$NAME/certs/saml.key -days 3650 >&2
+            chown root:$GROUP /etc/$NAME/certs/saml.crt /etc/$NAME/certs/saml.key
+            chmod 640 /etc/$NAME/certs/saml.crt /etc/$NAME/certs/saml.key
+            echo "..done" >&2
+        fi
+
+
         echo -n "Fixing permissions.."
         chown $USER:$GROUP /var/lib/$NAME /var/run/$NAME /var/log/$NAME
         chown $USER:$GROUP /var/lib/$NAME/data /var/lib/$NAME/sessions