ssvlabs · MatusKysel · Dec 12, 2024 · Dec 10, 2024
diff --git a/cli/flags/operator.go b/cli/flags/operator.go
@@ -122,12 +122,12 @@ func OperatorIDFlag(c *cobra.Command) {
 
 // ServerTLSCertPath sets path to server TLS certificate
 func SetServerTLSCertPath(c *cobra.Command) {
-	AddPersistentStringFlag(c, serverTLSCertPath, "./ssl/tls.crt", "Path to server TLS certificate", false)
+	AddPersistentStringFlag(c, serverTLSCertPath, "./data/ssl/tls.crt", "Path to server TLS certificate", false)
 }
 
 // ServerTLSKeyPath sets path to server server TLS private key
 func SetServerTLSKeyPath(c *cobra.Command) {
-	AddPersistentStringFlag(c, serverTLSKeyPath, "./ssl/tls.key", "Path to server TLS private key", false)
+	AddPersistentStringFlag(c, serverTLSKeyPath, "./data/ssl/tls.key", "Path to server TLS private key", false)
 }
 
 // SetEthEndpointURL

diff --git a/entry-point.sh b/entry-point.sh
@@ -1,27 +1,40 @@
 #!/bin/sh
 
 # Setup directory for certificates
-CERT_DIR=./ssl
+CERT_DIR=./data/ssl
 mkdir -p "$CERT_DIR"
 
 # Paths to the certificate and key files
 CERT_FILE="$CERT_DIR/tls.crt"
 KEY_FILE="$CERT_DIR/tls.key"
 
-# Check if the first argument is "start-operator"
-if [ "$1" = "start-operator" ]; then
-    # Generate a self-signed SSL certificate only if it doesn't exist
-    if [ ! -f "$CERT_FILE" ] || [ ! -f "$KEY_FILE" ]; then
-      echo "Certificate or key file not found. Generating new SSL certificate and key."
-      openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes \
-        -keyout "$KEY_FILE" -out "$CERT_FILE" \
-        -subj "/C=CN/ST=GD/L=SZ/O=$CN, Inc./CN=$CN" \
-        -addext "subjectAltName = DNS:$CN" \
-        -CA $CA -CAkey $CAkey
-    else
-      echo "Existing SSL certificate and key found. Using them."
-    fi
+
+# Generate a self-signed SSL certificate only if it doesn't exist
+if [ ! -f "$CERT_FILE" ] || [ ! -f "$KEY_FILE" ]; then
+  echo "Certificate or key file not found. Generating new SSL certificate and key."
+  if [ -z "$CN" ] || [ -z "$CA" ] || [ -z "$CAkey" ]; then
+    echo "Generating self-signed certificate..."
+    openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes \
+      -keyout "$KEY_FILE" -out "$CERT_FILE" \
+      -subj "/C=CN/ST=GD/L=SZ/O=localhost, Inc./CN=localhost" || {
+        echo "Error: Failed to generate self-signed certificate."
+        exit 1
+      }
+  else 
+    echo "Generating CA-signed certificate..."
+    openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes \
+      -keyout "$KEY_FILE" -out "$CERT_FILE" \
+      -subj "/C=CN/ST=GD/L=SZ/O=$CN, Inc./CN=$CN" \
+      -addext "subjectAltName=DNS:$CN" \
+      -CA "$CA" -CAkey "$CAkey" || {
+        echo "Error: Failed to generate CA-signed certificate."
+        exit 1
+      }
+  fi
+else
+  echo "Existing SSL certificate and key found. Using them."
 fi
 
+
 # Execute the main binary and pass all script arguments
 exec /bin/ssv-dkg "$@"
diff --git a/examples/config/resign.example.yaml b/examples/config/resign.example.yaml
@@ -29,6 +29,6 @@ logLevel: info
 logFormat: json
 logLevelFormat: capitalColor
 logFilePath: ./data/initiator/output/initiator_debug.log
-proofsFilePath: ./data/initiator/output/ceremony-2024-11-18--16-04-55.529/proofs.json
+proofsFilePath: ./data/initiator/output/ceremony-2024-10-14--13-44-41.296/proofs.json
 signatures: 8eb5bce8a1bf52f106233954b096504c934d08962003c41eff1a29e05ddeeebe34133dd66c7fa9512ae74d3124a9f60ee270f312c08c60512a5009ac9bca78911b
 clientCACertPath: ./data/initiator/rootCA.crt