starred/dehydrated
1
0
Fork 0
mirror of https://github.com/dehydrated-io/dehydrated.git synced 2026-05-05 22:53:23 +02:00
Code Issues 79 Packages Projects Releases 10 Wiki Activity

Exit with error if somebody is trying to use EC account keys with ACME v1

Browse Source
This commit is contained in:
Lukas Schauer
2021-10-31 22:36:40 +01:00
parent f4cf92bae5
commit 08477170e9
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
dehydrated
View File

@@ -613,6 +613,9 @@ init_system() {
generated="true"
local tmp_account_key
tmp_account_key="$(_mktemp)"
if [[ ${API} -eq 1 && ! "${ACCOUNT_KEY_ALGO}" = "rsa" ]]; then
_exiterr "ACME API version 1 does not support EC account keys"
fi
case "${ACCOUNT_KEY_ALGO}" in
rsa) _openssl genrsa -out "${tmp_account_key}" "${ACCOUNT_KEYSIZE}";;
prime256v1|secp384r1|secp521r1) _openssl ecparam -genkey -name "${ACCOUNT_KEY_ALGO}" -out "${tmp_account_key}" -noout;;