N'installe pas les certificats SSL directement mais via la commande reset, sauvegarde ces certificats lors d'une backup

Makefile

@@ -19,8 +19,6 @@ install:
 	chmod 0644 $(LIBDIR)/*.help
 	install -o root -g root -m 0755 -d $(SHAREDIR)
 	install -o root -g root -m 0755 share/* $(SHAREDIR)
-	install -o openldap -g openldap -m 600 ldap.pem $(ETCDIR)
-	install -o openldap -g openldap -m 600 ldap.key $(ETCDIR)
 
 uninstall:
 	rm $(BINDIR)/slapd-supann

lib/reset

@@ -32,7 +32,13 @@ echo "ok"
 mkdir -p /etc/ldap/slapd.d
 mkdir /var/lib/ldap/config-accesslog/
 
-echo "Installation de la nouvelle configuration .."
+if [ ! -f /var/lib/ldap/ssl.pem -a ! -f /var/lib/ssl.key ]; then
+	echo -n "Installation des certificats SSL par défaut .."
+	cp ${LDIFDIR}/ssl.pem ${LDIFDIR}/ssl.key /var/lib/ldap
+	echo "ok"
+fi
+
+echo -n "Installation de la nouvelle configuration .. "
 slapadd -n0 -F/etc/ldap/slapd.d -l${LDIFDIR}/config.ldif
 
 echo "Installation des schémas .."

lib/restore

@@ -43,9 +43,14 @@ find /var/lib/ldap -type f -delete
 echo "ok"
 
 echo ""
-echo "Restauration du config.ldif .."
+echo -n "Restauration du config.ldif .."
 slapadd -n0 -F/etc/ldap/slapd.d/ -l"$BACKUPDIR/config.ldif"
 
+echo ""
+echo -n "Restauration des certificats SSL .."
+cp $BACKUPDIR/ssl.pem $BACKUPDIR/ssl.key /var/lib/ldap
+echo "ok"
+
 echo ""
 for i in `seq 1 $MAXDB`; do
 	if [ -f "$BACKUPDIR/db-$i.ldif" ]; then

lib/save

@@ -33,6 +33,11 @@ for i in `seq 1 $MAXDB`; do
 		echo "ok"
 	fi
 done
+
+echo -n "Sauvegarde des certificats SSL .."
+cp /var/lib/ldap/ssl.key /var/lib/ldap/ssl.pem ${SAVEDIR}
+echo "ok"
+
 echo "Efface les fichiers vides .."
 find "${SAVEDIR}" -size 0 -delete
 echo "ok"