From 24cfdfc6a3cc6093980f33f63bc182506234d383 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <mail@daniel-baumann.ch>
Date: Wed, 5 Jun 2013 22:22:57 +0200
Subject: Adding hook to remove ssl-cert-snakeoil by default.

---
 functions/defaults.sh                            |  1 +
 share/hooks/0195-remove-ssl-cert-snakeoil.chroot | 13 +++++++++++++
 2 files changed, 14 insertions(+)
 create mode 100755 share/hooks/0195-remove-ssl-cert-snakeoil.chroot

diff --git a/functions/defaults.sh b/functions/defaults.sh
index d2b71058b..3f8825202 100755
--- a/functions/defaults.sh
+++ b/functions/defaults.sh
@@ -507,6 +507,7 @@ Set_defaults ()
 		remove-openssh-server-host-keys \
 		remove-python-py \
 		remove-temporary-files \
+		remove-ssl-cert-snakeoil \
 		remove-udev-persistent-cd-rules \
 		remove-udev-persistent-net-rules \
 		remove-systemd-machine-id \
diff --git a/share/hooks/0195-remove-ssl-cert-snakeoil.chroot b/share/hooks/0195-remove-ssl-cert-snakeoil.chroot
new file mode 100755
index 000000000..cdfe39d24
--- /dev/null
+++ b/share/hooks/0195-remove-ssl-cert-snakeoil.chroot
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+set -e
+
+# Remove ssl-cert snakeoil
+
+if [ -e /etc/ssl/certs/ssl-cert-snakeoil.pem ]
+then
+	rm -f /etc/ssl/certs/$(openssl x509 -hash -noout -in /etc/ssl/certs/ssl-cert-snakeoil.pem)
+
+	rm -f /etc/ssl/certs/ssl-cert-snakeoil.pem
+	rm -f /etc/ssl/private/ssl-cert-snakeoil.key
+fi
-- 
cgit v1.2.3