File import-cert of Package unifi
#!/bin/sh
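# Command-line handling: -f forces a re-import even when the recorded
# timestamp says the keystore is already up to date.
force=""
# The leading ':' selects getopts' silent mode. Without it OPTARG is unset
# for an unknown option, so the message below would print without the
# offending letter.
while getopts ":f" opt; do
  case "${opt}" in
    f)
      force="1"
      ;;
    \?)
      # Unknown options are reported but otherwise ignored.
      echo "Invalid option: -$OPTARG" >&2
      ;;
  esac
done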
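# Load the site configuration. The checks below read UNIFI_TLS_KEY,
# UNIFI_TLS_CERT and UNIFI_TLS_CA_CERT, which are expected to come from it.
. /etc/sysconfig/unifi

# For compatibility with a certificate installed by yast2-ca-management:
# fall back to its file locations for any setting left empty, but only when
# the file is actually readable.
# The key test previously probed "/etc/ssl/servertcerts/..." (typo) while
# assigning "/etc/ssl/servercerts/...", so the fallback could not trigger
# for an installed key; test and assignment now use the same path.
if [ -z "${UNIFI_TLS_KEY}" ] && [ -r "/etc/ssl/servercerts/serverkey.pem" ]; then
  UNIFI_TLS_KEY="/etc/ssl/servercerts/serverkey.pem"
fi
if [ -z "${UNIFI_TLS_CERT}" ] && [ -r "/etc/ssl/servercerts/servercert.pem" ]; then
  UNIFI_TLS_CERT="/etc/ssl/servercerts/servercert.pem"
fi
if [ -z "${UNIFI_TLS_CA_CERT}" ] && [ -r "/etc/pki/trust/anchors/YaST-CA.pem" ]; then
  UNIFI_TLS_CA_CERT="/etc/pki/trust/anchors/YaST-CA.pem"
fi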
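# Nothing to import unless key, certificate and CA certificate are all
# configured. This is not an error: the existing keystore is left alone.
if [ -z "${UNIFI_TLS_KEY}" ] || [ -z "${UNIFI_TLS_CERT}" ] ||
   [ -z "${UNIFI_TLS_CA_CERT}" ]; then
  echo "No certifcate and/or key specified leave Ubiquities certificate."
  exit 0
fi

# A separate empty-CA check used to follow here. It could never run, because
# the test above already exits when any of the three values is empty.

# Every configured file must be readable before anything is changed.
# The key check previously only printed its message and carried on, letting
# the import proceed without a usable key; it now stops like the other two.
# "exit -1" is not a valid status in POSIX sh, so plain 1 is used instead.
if [ ! -r "${UNIFI_TLS_KEY}" ]; then
  echo "Missing key \"${UNIFI_TLS_KEY}\"" >&2
  exit 1
fi
if [ ! -r "${UNIFI_TLS_CERT}" ]; then
  echo "Missing certificate \"${UNIFI_TLS_CERT}\"" >&2
  exit 1
fi
if [ ! -r "${UNIFI_TLS_CA_CERT}" ]; then
  echo "Missing CA certificate \"${UNIFI_TLS_CA_CERT}\"" >&2
  exit 1
fi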
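# Re-import when forced, when no import has been recorded yet, or when the
# certificate file is newer than the recorded import timestamp.
if [ -n "${force}" ] || [ ! -e "/var/lib/unifi/cert-timestamp" ] ||
   [ "${UNIFI_TLS_CERT}" -nt "/var/lib/unifi/cert-timestamp" ]
then
  keystore="/usr/lib/unifi/data/keystore"

  # The intermediate PKCS#12 bundle contains the private key. It used to be
  # written to the fixed name /var/tmp/unifi.p12, a predictable path in a
  # shared directory. mktemp -d gives a fresh directory only this user can
  # enter, so the bundle is neither pre-creatable nor readable by others.
  workdir=$(mktemp -d /var/tmp/unifi-import.XXXXXX) || {
    echo "Cannot create temporary directory" >&2
    exit 1
  }
  # Remove the bundle on every exit path, including the error exits below.
  trap 'rm -rf -- "${workdir}"' EXIT
  trap 'exit 1' HUP INT TERM
  p12="${workdir}/unifi.p12"

  # The store password is a constant in this script and is passed on the
  # command line, so it should not be relied on for confidentiality; file
  # permissions are what protect the key material.
  # NOTE(review): presumably this is the password the controller expects
  # for its keystore - confirm before changing it.
  if ! openssl pkcs12 -export \
    -in "${UNIFI_TLS_CERT}" -inkey "${UNIFI_TLS_KEY}" \
    -certfile "${UNIFI_TLS_CA_CERT}" \
    -name unifi -password pass:aircontrolenterprise -out "${p12}"
  then
    echo "Failed to build PKCS#12 bundle; keystore left unchanged" >&2
    exit 1
  fi

  # Move the current keystore aside so keytool builds a fresh one. Remember
  # whether a backup exists so it can be put back if the import fails.
  have_backup=""
  if [ -e "${keystore}" ]; then
    mv "${keystore}" "${keystore}.bak" || exit 1
    have_backup="1"
  fi

  # NOTE(review): the new keystore is created with the process umask and
  # holds the private key; confirm its resulting mode and ownership.
  if ! keytool -importkeystore -srckeystore "${p12}" -srcstoretype PKCS12 \
    -noprompt -srcstorepass aircontrolenterprise \
    -destkeystore "${keystore}" \
    -storepass aircontrolenterprise -deststoretype pkcs12
  then
    echo "keytool import failed" >&2
    # Drop any partial result and restore the previous keystore.
    rm -f "${keystore}"
    if [ -n "${have_backup}" ]; then
      mv "${keystore}.bak" "${keystore}"
    fi
    exit 1
  fi

  # Record the import only after it succeeded, so a failed run is retried.
  touch /var/lib/unifi/cert-timestamp
fi
# Earlier versions of this script used this fixed path for the bundle;
# remove any copy that is still lying around.
rm -f /var/tmp/unifi.p12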