#!/usr/bin/bash
export OPENSSL_CONF=./etc/kopano-ca.conf
export CA_PWD=kopano
export CA_SUBJ="/DC=de/DC=dts/O=Digital Trust Solutions/OU=Information Security Unit/CN=DTS Signing CA/"
# create ssl certificates for docker network
rm tmp/*.csr
rm db/*.pem
rm db/*.db
rm db/*.srl
touch db/kopano-ca.db
touch db/kopano-ca.db.attr 
echo 01 >db/kopano-ca.crt.srl
echo 01 >db/kopano-ca.crl.srl
# create signing ca (minimal pki)
openssl req -new -reqexts ca_reqext -subj "$CA_SUBJ" -out tmp/kopano-ca.csr -passout pass:$CA_PWD -keyout certs/kopano-ca.key
openssl ca -batch -selfsign -in tmp/kopano-ca.csr -passin env:CA_PWD -out certs/kopano-ca.crt -extensions signing_ca_ext

# create kopano server ssl key (for encryption)
./create-key server

# create kopano clients ssl key pair (for authentification)
# private key for client, public key for server sslkeys
./create-key dagent
./create-key spooler
./create-key search
./create-key webapp
./create-key z-push