#!/bin/sh

# Generate new self signed certif (different from system overlay)
make-ssl-cert generate-default-snakeoil --force-overwrite >/dev/null 2>/dev/null
# cc-server read cert and key on each connection, even after dropping
# privileges, so this must be allowed
chown -R cc-server /etc/ssl/private/

exec "$@"