set -e
-if test "$#" -eq 0; then
+if test "$#" -ne 1 && test "$#" -ne 2; then
echo "Usage: $0 <hostname> [<server-certificate>]"
echo
echo "Add the server certificate <server-certificate> (as .pem file) for "
echo "is read from stdin."
echo
echo "The server certificate is NOT validated in any way, you must do "
- echo "that before using this command or you risk using a insecure "
+ echo "that before using this command or you risk using an insecure "
echo "certificate!"
echo
echo "Must be run in the tlsproxy directory where other configuration "
echo tls_www_server >> "$tempfile"
echo encryption_key >> "$tempfile"
echo signing_key >> "$tempfile"
+echo 'expiration_days = 3650' >> "$tempfile"
certtool --generate-certificate \
--load-privkey proxy-key.pem \
--load-ca-certificate proxy-ca.pem \