diff --git a/bin/regen-certs b/bin/regen-certs
index aa5d0d55..b8bfd3e6 100755
--- a/bin/regen-certs
+++ b/bin/regen-certs
@@ -1,72 +1,77 @@
#!/bin/bash
base_dir=$(dirname $(dirname $0))
cert_dir="${base_dir}/docker/certs/"
if [ ! -d "${cert_dir}" ]; then
mkdir -p ${cert_dir}
fi
if [ ! -f "${cert_dir}/ca.key" ]; then
openssl genrsa -out ${cert_dir}/ca.key 4096
openssl req \
-new \
-x509 \
-nodes \
-days 3650 \
-key ${cert_dir}/ca.key \
-out ${cert_dir}/ca.cert \
-subj '/O=Example CA/'
fi
if [ -f /etc/pki/tls/openssl.cnf ]; then
openssl_cnf="/etc/pki/tls/openssl.cnf"
elif [ -f /etc/ssl/openssl.cnf ]; then
openssl_cnf="/etc/ssl/openssl.cnf"
else
echo "No openssl.cnf"
exit 1
fi
-APP_DOMAIN=$(grep APP_DOMAIN .env | tail -n1 | sed "s/APP_DOMAIN=//")
+if [ "$#" -eq "0" ]; then
+ APP_DOMAIN=$(grep -P "^APP_DOMAIN=.*" .env | tail -n1 | sed "s/APP_DOMAIN=//")
+ DOMAINS="kolab.mgmt.com kolab.hosted.com imap.hosted.com admin.${APP_DOMAIN} meet.${APP_DOMAIN}"
+else
+ DOMAINS=$1
+fi
-for name in kolab.mgmt.com kolab.hosted.com imap.hosted.com {{admin,meet}.,}${APP_DOMAIN}; do
+for name in $DOMAINS; do
openssl genrsa -out ${cert_dir}/${name}.key 4096
openssl req \
-new \
-key ${cert_dir}/${name}.key \
-out ${cert_dir}/${name}.csr \
-subj "/O=Example CA/CN=${name}/" \
-reqexts SAN \
-config <(cat ${openssl_cnf} \
<(printf "[SAN]\nsubjectAltName=DNS:${name}"))
openssl x509 \
-req \
-in ${cert_dir}/${name}.csr \
-CA ${cert_dir}/ca.cert \
-CAkey ${cert_dir}/ca.key \
-CAcreateserial \
-out ${cert_dir}/${name}.cert \
-days 28 \
-extfile <(cat ${openssl_cnf} \
<(printf "[SAN]\nsubjectAltName=DNS:${name}")) \
-extensions SAN
# 'cause java ...
openssl pkcs8 \
-topk8 \
-inform pem \
-in ${cert_dir}/${name}.key \
-outform pem \
-nocrypt \
-out ${cert_dir}/${name}_p8.key
cat ${cert_dir}/${name}.cert \
${cert_dir}/ca.cert > ${cert_dir}/${name}.chain.pem
chmod 644 ${cert_dir}/*.{cert,key,pem}
done