--- ssl-cert.eclass~	2007-12-02 00:33:18.000000000 +0100
+++ ssl-cert.eclass~	2007-12-02 00:37:49.000000000 +0100
@@ -148,6 +148,12 @@ 
 		return 1;
 	fi
 
+	case ${EBUILD_PHASE} in
+		unpack|compile|test|install)
+			eerror "docert cannot be called in ${EBUILD_PHASE}"
+			return 1 ;;
+	esac
+
 	# Initialize configuration
 	gen_cnf || return 1
 	echo
@@ -160,17 +166,16 @@ 
 
 	local count=0
 	for cert in "$@" ; do
-		# Sanitize and check the requested certificate
-		cert="`/usr/bin/basename "${cert}"`"
-		if [ -z "${cert}" ] ; then
+		# Check the requested certificate
+		if [ -z "${cert##*/}" ] ; then
 			ewarn "Invalid certification requested, skipping"
 			continue
 		fi
 
 		# Check for previous existence of generated files
 		for type in key crt pem ; do
-			if [ -e "${D}${INSDESTTREE}/${cert}.${type}" ] ; then
-				ewarn "${D}${INSDESTTREE}/${cert}.${type}: exists, skipping"
+			if [ -e "${ROOT}${cert}.${type}" ] ; then
+				ewarn "${ROOT}${cert}.${type}: exists, skipping"
 				continue 2
 			fi
 		done
@@ -184,14 +189,11 @@ 
 
 		# Install the generated files and set sane permissions
 		local base=`get_base`
-		newins "${base}.key" "${cert}.key"
-		fperms 0400 "${INSDESTTREE}/${cert}.key"
-		newins "${base}.csr" "${cert}.csr"
-		fperms 0444 "${INSDESTTREE}/${cert}.csr"
-		newins "${base}.crt" "${cert}.crt"
-		fperms 0444 "${INSDESTTREE}/${cert}.crt"
-		newins "${base}.pem" "${cert}.pem"
-		fperms 0400 "${INSDESTTREE}/${cert}.pem"
+		install -d "${ROOT}${cert%/*}"
+		install -m0400 "${base}.key" "${ROOT}${cert}.key"
+		install -m0444 "${base}.csr" "${ROOT}${cert}.csr"
+		install -m0444 "${base}.crt" "${ROOT}${cert}.crt"
+		install -m0400 "${base}.pem" "${ROOT}${cert}.pem"
 		count=$((${count}+1))
 	done