+-b COMMON_NAME By default, use $HOSTNAME or $CLIENT_HOST. If the cert
+ already exists on the server, with the CLIENT_NAME
+ name, we use the existing one. See comment below if we
+ ever want to check existing common names. They must be
+ unique per server, so you can use $(uuidgen) if
+ needed. You used to be able to create multiple with the
+ same name, but not connect at the same time, but now,
+ the generator keeps track, so you can't generate.
+-c CLIENT_HOST default is localhost. Else we ssh to root@CLIENT_HOST