# Onboarding new client clientside actions.

# Certificate for an OpenLDAP replica  (consumer/client)

export HOSTNAME=`hostname -s`
export CLIENTDIR="$HOSTNAME"-ssl

echo Hostname: $HOSTNAME
echo CLIENTDIR $CLIENTDIR

## Do the path:
cd /usr/share/ldap/$CLIENTDIR
echo Path ... 13 = `pwd`

echo Confirm names:
echo CLIENT_CERT $CLIENT_CERT
echo CLIENT_PRIVKEY $CLIENT_PRIVKEY
echo Path ... 18 = `pwd`

# Create the file certinfo.ldif
sudo rm certinfo.ldif
echo touch + chmod 666 certinfo.ldif ... 22
sudo touch certinfo.ldif
sudo chmod 666 certinfo.ldif

echo """dn: cn=config
delete: olcTLSCertificateFile
olcTLSCertificateFile: /etc/ldap/$CLIENT_CERT
-
delete: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: /etc/ldap/$CLIENT_PRIVKEY""" > certinfo.ldif

## Configure the slapd-config database:
sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f certinfo.ldif

echo Path ... 36 = `pwd`
cd ..
cd ..
sudo rm -r ldap
echo Path ... 41 = `pwd`

#### DONE
echo DONE