From 3590188383d8590a1e91573da656776563f65fcb Mon Sep 17 00:00:00 2001
From: Mark Goddard <mark@stackhpc.com>
Date: Wed, 11 Dec 2019 10:59:47 +0000
Subject: [PATCH] CentOS 8: work around mod_ssl certificate issue

CentOS 8 has an issue with mod_ssl which produces an invalid Apache
configuration in /etc/httpd/conf.d/ssl.conf. This causes the following
error on startup:

SSLCertificateFile: file '/etc/pki/tls/certs/localhost.crt' does not exist or is empty

Work around this by generating certificates manually.

Partially-Implements: blueprint centos-rhel-8

Change-Id: Id8bcefa3527575ba72fe37013787ba716e435ac8
---
 docker/base/httpd_setup.sh | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/docker/base/httpd_setup.sh b/docker/base/httpd_setup.sh
index 990062e6d8..edb1d7df65 100644
--- a/docker/base/httpd_setup.sh
+++ b/docker/base/httpd_setup.sh
@@ -15,4 +15,13 @@ if [[ "$(whoami)" == 'root' ]]; then
     else
         rm -rf /var/run/httpd/* /run/httpd/* /tmp/httpd*
     fi
+
+    # CentOS 8 has an issue with mod_ssl which produces an invalid Apache
+    # configuration in /etc/httpd/conf.d/ssl.conf. This causes the following error
+    # on startup:
+    #   SSLCertificateFile: file '/etc/pki/tls/certs/localhost.crt' does not exist or is empty
+    # Work around this by generating certificates manually.
+    if [[ ${KOLLA_BASE_DISTRO} = centos ]] && [[ ! -e /etc/pki/tls/certs/localhost.crt ]]; then
+        /usr/libexec/httpd-ssl-gencerts
+    fi
 fi