: !/bin/sh

echo ""
echo "Step 1: Generating a server key and request signing (csr)"
# generate RSA private key
rm -f /tmp/g2.zip
zip -9 /tmp/g2.zip genkey2
#openssl genrsa -des3 -rand /tmp/g2.zip  -out server.key 2048 
openssl genrsa -aes256 -rand /tmp/g2.zip  -out server.key 4096 
rm -f /tmp/g2.zip

# generate CSR
#openssl req -new -key server.key -addext "subjectAltName = DNS:tmaxapp01p.curtin.edu.au" -out server.csr
#openssl req -new -key server.key -addext "subjectAltName = DNS:telmax.curtin.edu.au DNS:tmaxapp01p.curtin.edu.au" -out server.csr
openssl req -new -key server.key -addext "subjectAltName = DNS:telmax.curtin.edu.au, DNS:tmaxapp01p.curtin.edu.au" -out server.csr

echo ""
echo "Step 2: Making a server.key which doesn't cause apache to prompt for a password."
openssl rsa -in server.key -out server.key.insecure

echo ""
echo "Step 3: Save sercure sserver key and rename server key without pass phrase"
mv server.key server.key.secure
mv server.key.insecure server.key 

# dump contents of csr
openssl req -noout -text -in server.csr >server_csr.txt

echo ""
echo "Step 4: register with verisign and obtain cert.cer certificate"
echo "        run instcert script when you get the cert.cer fiel"
echo ""

exit 0