Merge pull request #119 from isimluk/cve-2016-4457

Generate new certificate when the default one is not present

initialize_appliance.sh

@@ -1,3 +1,12 @@
 #!/bin/bash
+set -e -o pipefail
 
-[[ ! -f "/var/www/miq/vmdb/certs/v2_key" ]] && appliance_console_cli --key
+KEYPATH="/var/www/miq/vmdb/certs"
+
+[[ ! -f "$KEYPATH/v2_key" ]] && appliance_console_cli --key
+
+CERT="$KEYPATH/server.cer"
+KEY="$CERT.key"
+if [ ! -f "$CERT" -a ! -f "$KEY" ]; then
+  (umask 077 ; openssl req -x509 -newkey rsa -days 1095 -keyout $KEY -out $CERT -subj "/CN=server" -nodes -batch)
+fi