From ff49149f4ea0f9358a48fe89703df72643f0b9df Mon Sep 17 00:00:00 2001
From: Enrique Araque
Date: Wed, 12 Jun 2024 13:28:48 +0200
Subject: [PATCH 1/2] Change cert-tool to use only one wazuh-certificates file Before when we want to create diferentents certificates we create one folder per wazuh component. Now only use one and improve the scalability
---
 .../cert_tool/certFunctions.sh | 17 ++++++++++++-
 unattended_installer/cert_tool/certMain.sh | 25 +++++--------------
 2 files changed, 22 insertions(+), 20 deletions(-)
diff --git a/unattended_installer/cert_tool/certFunctions.sh b/unattended_installer/cert_tool/certFunctions.sh
index fc2bf51e08..a445fb6aaa 100644
--- a/unattended_installer/cert_tool/certFunctions.sh
+++ b/unattended_installer/cert_tool/certFunctions.sh
@@ -456,7 +456,22 @@ function cert_readConfig() {
 }
 function cert_setpermisions() {
- eval "chmod -R 744 ${cert_tmp_path} ${debug}"
+ eval "chmod -R 744 ${1} ${debug}"
+}
+
+function set_certs_directory() {
+
+ if [ -d "${base_path}/wazuh-certificates" ]; then
+ eval "cp -f ${cert_tmp_path}/* ${base_path}/wazuh-certificates ${debug}"
+ eval "rm -R ${cert_tmp_path}"
+ cert_setpermisions "${base_path}/wazuh-certificates"
+ common_logger -d "Wazuh-certificates directory exists. Copied files from '${cert_tmp_path}' to '${base_path}/wazuh-certificates' and removed '${cert_tmp_path}'."
+ else
+ cert_setpermisions "${cert_tmp_path}"
+ eval "mv ${cert_tmp_path} ${base_path}/wazuh-certificates ${debug}"
+ common_logger -d "Moved '${cert_tmp_path}' to '${base_path}/wazuh-certificates'."
+ fi
+
 }
 function cert_convertCRLFtoLF() {
diff --git a/unattended_installer/cert_tool/certMain.sh b/unattended_installer/cert_tool/certMain.sh
index 64ba28573a..59e4c547cd 100644
--- a/unattended_installer/cert_tool/certMain.sh
+++ b/unattended_installer/cert_tool/certMain.sh
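Review bot: In `set_certs_directory` the `eval "rm -R ${cert_tmp_path}"` runs even when the preceding `cp -f` failed, so a failed copy throws away the freshly generated certificates and keys while the debug log still reports the copy as done. Make the removal conditional on the copy, e.g. `eval "cp -f ${cert_tmp_path}/* ${base_path}/wazuh-certificates ${debug}" || { common_logger -e "Could not copy certificates to ${base_path}/wazuh-certificates."; exit 1; }`. Together with the guard this patch removes from `main()` in certMain.sh, `cp -f` also overwrites same-named files already in `wazuh-certificates` without warning, which is worth stating in the log message or the usage text. The paths are interpolated unquoted into `eval`, so a `base_path` with spaces or shell metacharacters is re-parsed as shell; escaped quotes around them inside the eval string would narrow that. `chmod -R 744` now also covers files that were already in the directory, leaving everything in it, any private keys included, readable by all local users.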
@@ -159,13 +159,6 @@ function main() {
 done
 common_logger "Verbose logging redirected to ${logfile}"
-
- if [[ -d "${base_path}"/wazuh-certificates ]]; then
- if [ -n "$(ls -A "${base_path}"/wazuh-certificates)" ]; then
- common_logger -e "Directory wazuh-certificates already exists in the same path as the script. Please, remove the certs directory to create new certificates."
- exit 1
- fi
- fi
 if [[ ! -d "${cert_tmp_path}" ]]; then
 mkdir -p "${cert_tmp_path}"
@@ -183,8 +176,7 @@ function main() {
 cert_generateAdmincertificate
 common_logger "Admin certificates created."
 cert_cleanFiles
- cert_setpermisions
- eval "mv ${cert_tmp_path} ${base_path}/wazuh-certificates ${debug}"
+ set_certs_directory
 fi
 if [[ -n "${all}" ]]; then
@@ -201,15 +193,13 @@ function main() {
 common_logger "Wazuh dashboard certificates created."
 fi
 cert_cleanFiles
- cert_setpermisions
- eval "mv ${cert_tmp_path} ${base_path}/wazuh-certificates ${debug}"
+ set_certs_directory
 fi
 if [[ -n "${ca}" ]]; then
 cert_generateRootCAcertificate
 common_logger "Authority certificates created."
- cert_cleanFiles
- eval "mv ${cert_tmp_path} ${base_path}/wazuh-certificates ${debug}"
+ set_certs_directory
 fi
 if [[ -n "${cindexer}" ]]; then
@@ -218,8 +208,7 @@ function main() {
 cert_generateIndexercertificates
 common_logger "Wazuh indexer certificates created."
 cert_cleanFiles
- cert_setpermisions
- eval "mv ${cert_tmp_path} ${base_path}/wazuh-certificates ${debug}"
+ set_certs_directory
 else
 common_logger -e "Indexer node not present in config.yml."
 exit 1
@@ -232,8 +221,7 @@ function main() {
 cert_generateFilebeatcertificates
 common_logger "Wazuh Filebeat certificates created."
 cert_cleanFiles
- cert_setpermisions
- eval "mv ${cert_tmp_path} ${base_path}/wazuh-certificates ${debug}"
+ set_certs_directory
 else
 common_logger -e "Server node not present in config.yml."
 exit 1
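Review bot: In the `-201,15 +193,13` hunk the `${ca}` branch now goes through `set_certs_directory`, and with it `cert_setpermisions`, which this branch did not call before; the root CA output therefore gets `chmod -R 744`, and if the CA private key is among those files it becomes readable by every local account. The same branch also loses its `cert_cleanFiles` call while the other branches keep theirs, so whatever temporary files `cert_generateRootCAcertificate` leaves (not visible here) would be carried into `wazuh-certificates`. If both are intended, a comment above the call would record it, e.g. `# CA-only run: no temp files to clean; mode is set inside set_certs_directory`; otherwise restore `cert_cleanFiles` and tighten the mode of key files after the recursive chmod. `main()` begins and ends outside the hunk.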
@@ -246,8 +234,7 @@ function main() {
 cert_generateDashboardcertificates
 common_logger "Wazuh dashboard certificates created."
 cert_cleanFiles
- cert_setpermisions
- eval "mv ${cert_tmp_path} ${base_path}/wazuh-certificates ${debug}"
+ set_certs_directory
 else
 common_logger -e "Dashboard node not present in config.yml."
 exit 1
From 00dd4cc6db10657d2d6416b73d924870b99ae1b2 Mon Sep 17 00:00:00 2001
From: Enrique Araque
Date: Tue, 18 Jun 2024 09:53:41 +0200
Subject: [PATCH 2/2] Change the name of the new function to a correct nomemclature
---
 unattended_installer/cert_tool/certFunctions.sh | 2 +-
 unattended_installer/cert_tool/certMain.sh | 12 ++++++------
 2 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/unattended_installer/cert_tool/certFunctions.sh b/unattended_installer/cert_tool/certFunctions.sh
index a445fb6aaa..f431439395 100644
--- a/unattended_installer/cert_tool/certFunctions.sh
+++ b/unattended_installer/cert_tool/certFunctions.sh
@@ -459,7 +459,7 @@ function cert_setpermisions() {
 eval "chmod -R 744 ${1} ${debug}"
 }
-function set_certs_directory() {
+function cert_setDirectory() {
 if [ -d "${base_path}/wazuh-certificates" ]; then
 eval "cp -f ${cert_tmp_path}/* ${base_path}/wazuh-certificates ${debug}"
diff --git a/unattended_installer/cert_tool/certMain.sh b/unattended_installer/cert_tool/certMain.sh
index 59e4c547cd..246f25a34f 100644
--- a/unattended_installer/cert_tool/certMain.sh
+++ b/unattended_installer/cert_tool/certMain.sh
@@ -176,7 +176,7 @@ function main() {
 cert_generateAdmincertificate
 common_logger "Admin certificates created."
 cert_cleanFiles
- set_certs_directory
+ cert_setDirectory
 fi
 if [[ -n "${all}" ]]; then
@@ -193,13 +193,13 @@ function main() {
 common_logger "Wazuh dashboard certificates created."
 fi
 cert_cleanFiles
- set_certs_directory
+ cert_setDirectory
 fi
 if [[ -n "${ca}" ]]; then
 cert_generateRootCAcertificate
 common_logger "Authority certificates created."
- set_certs_directory
+ cert_setDirectory
 fi
 if [[ -n "${cindexer}" ]]; then
@@ -208,7 +208,7 @@ function main() {
 cert_generateIndexercertificates
 common_logger "Wazuh indexer certificates created."
 cert_cleanFiles
- set_certs_directory
+ cert_setDirectory
 else
 common_logger -e "Indexer node not present in config.yml."
 exit 1
@@ -221,7 +221,7 @@ function main() {
 cert_generateFilebeatcertificates
 common_logger "Wazuh Filebeat certificates created."
 cert_cleanFiles
- set_certs_directory
+ cert_setDirectory
 else
 common_logger -e "Server node not present in config.yml."
 exit 1
@@ -234,7 +234,7 @@ function main() {
 cert_generateDashboardcertificates
 common_logger "Wazuh dashboard certificates created."
 cert_cleanFiles
- set_certs_directory
+ cert_setDirectory
 else
 common_logger -e "Dashboard node not present in config.yml."
 exit 1