# File common/lib/symbiosis/domain/ssl.rb, line 152
    def ssl_available_files
      certificates = []
      key_files = []

      # 
      # Try a number of permutations
      #
      %w(combined key crt cert pem).each do |ext|
        #
        # See if the file exists.
        #
        contents = get_param("ssl.#{ext}", self.config_dir)

        #
        # If it doesn't exist/is unreadble, return nil.
        #
        next if false == contents
 
        this_fn = File.join(self.config_dir, "ssl.#{ext}")

        this_cert = nil
        this_key = nil

        #
        # Check the certificate
        #
        begin
          this_cert = OpenSSL::X509::Certificate.new(contents)
        rescue OpenSSL::OpenSSLError
          #
          # This means the file did not contain a cert, or the cert it contains
          # is unreadable.
          #
          this_cert = nil
        end

        #
        # Check to see if the file contains a key.
        #
        begin
          this_key = OpenSSL::PKey::RSA.new(contents)
        rescue OpenSSL::OpenSSLError
          #
          # This means the file did not contain a key, or the key it contains
          # is unreadable.
          #
          this_key = nil
        end

        # 
        # Finally, if we have a key and certificate in one file, check they
        # match, otherwise reject.
        #
        if this_key and this_cert and this_cert.check_private_key(this_key)
          certificates << [this_fn, this_cert]
          key_files << this_fn
        elsif this_key and !this_cert
          key_files << this_fn
        elsif this_cert and !this_key
          certificates << [this_fn, this_cert]
        end
      end

      #
      # Order certificates by time to expiry, penalising any that are
      # before their start time or after their expiry time.
      #
      now = Time.now
      certificate_files = certificates.sort_by { |fn, cert|
        score = cert.not_after.to_i
        score -= not_before.to_i if cert.not_before > now
        score -= now.to_i if now > cert.not_after
        -score
      }.map { |fn, cert| fn }

      [certificate_files, key_files]
    end