From 47efc09d181f526044689843d87db9f9bcc96cf2 Mon Sep 17 00:00:00 2001
From: Slawomir Koszewski <slawek@koszewscy.waw.pl>
Date: Tue, 24 Mar 2026 07:42:37 +0100
Subject: [PATCH] fix: ensure CA certificate and key are created only if they
 do not exist

---
 make-cert.sh | 23 +++++++++++++----------
 1 file changed, 13 insertions(+), 10 deletions(-)

diff --git a/make-cert.sh b/make-cert.sh
index cbd489a..4df2d29 100755
--- a/make-cert.sh
+++ b/make-cert.sh
@@ -9,16 +9,19 @@ CA_DIR="${CA_DIR:-./ca}"
 CA_NAME="${CA_NAME:-Azurite Emulator CA}"
 STORAGE_ACCOUNT_NAME="${STORAGE_ACCOUNT_NAME:-azuritelocal}"
 mkdir -p "$CA_DIR"
-openssl req \
-    -x509 -noenc -text \
-    -newkey rsa:4096 \
-    -keyout "${CA_DIR}/ca_key.pem" \
-    -out "${CA_DIR}/ca_cert.pem" \
-    -days 3650 \
-    -subj "/CN=$CA_NAME" \
-    -addext "basicConstraints=critical,CA:TRUE,pathlen:0"
-HASH=$(openssl x509 -in "${CA_DIR}/ca_cert.pem" -noout -hash 2>/dev/null)
-ln -sf $(basename "${CA_DIR}/ca_cert.pem") "${CA_DIR}/$HASH.0" # Check it
+if [[ ! -f "${CA_DIR}/ca_cert.pem" || ! -f "${CA_DIR}/ca_key.pem" ]]; then
+    echo "Creating CA certificate and key..."
+    openssl req \
+        -x509 -noenc -text \
+        -newkey rsa:4096 \
+        -keyout "${CA_DIR}/ca_key.pem" \
+        -out "${CA_DIR}/ca_cert.pem" \
+        -days 3650 \
+        -subj "/CN=$CA_NAME" \
+        -addext "basicConstraints=critical,CA:TRUE,pathlen:0"
+    HASH=$(openssl x509 -in "${CA_DIR}/ca_cert.pem" -noout -hash 2>/dev/null)
+    ln -sf ca_cert.pem "${CA_DIR}/$HASH.0" # Check it
+fi
 ALTNAMES=()
 for endpoint in blob queue table; do
     ALTNAMES+=("DNS:${STORAGE_ACCOUNT_NAME}.${endpoint}.core.windows.net")