mirror of
https://github.com/dehydrated-io/dehydrated.git
synced 2026-07-08 05:55:18 +02:00
use "openssl dgst" instead of "openssl sha" (fixes #120)
This commit is contained in:
+2
-2
@@ -158,7 +158,7 @@ init_system() {
|
|||||||
pubExponent64="$(openssl rsa -in "${PRIVATE_KEY}" -noout -text | grep publicExponent | grep -oE "0x[a-f0-9]+" | cut -d'x' -f2 | hex2bin | urlbase64)"
|
pubExponent64="$(openssl rsa -in "${PRIVATE_KEY}" -noout -text | grep publicExponent | grep -oE "0x[a-f0-9]+" | cut -d'x' -f2 | hex2bin | urlbase64)"
|
||||||
pubMod64="$(openssl rsa -in "${PRIVATE_KEY}" -noout -modulus | cut -d'=' -f2 | hex2bin | urlbase64)"
|
pubMod64="$(openssl rsa -in "${PRIVATE_KEY}" -noout -modulus | cut -d'=' -f2 | hex2bin | urlbase64)"
|
||||||
|
|
||||||
thumbprint="$(printf '{"e":"%s","kty":"RSA","n":"%s"}' "${pubExponent64}" "${pubMod64}" | openssl sha -sha256 -binary | urlbase64)"
|
thumbprint="$(printf '{"e":"%s","kty":"RSA","n":"%s"}' "${pubExponent64}" "${pubMod64}" | openssl dgst -sha256 -binary | urlbase64)"
|
||||||
|
|
||||||
# If we generated a new private key in the step above we have to register it with the acme-server
|
# If we generated a new private key in the step above we have to register it with the acme-server
|
||||||
if [[ "${register_new_key}" = "yes" ]]; then
|
if [[ "${register_new_key}" = "yes" ]]; then
|
||||||
@@ -364,7 +364,7 @@ sign_csr() {
|
|||||||
;;
|
;;
|
||||||
"dns-01")
|
"dns-01")
|
||||||
# Generate DNS entry content for dns-01 validation
|
# Generate DNS entry content for dns-01 validation
|
||||||
keyauth_hook="$(printf '%s' "${keyauth}" | openssl sha -sha256 -binary | urlbase64)"
|
keyauth_hook="$(printf '%s' "${keyauth}" | openssl dgst -sha256 -binary | urlbase64)"
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user