use "openssl dgst" instead of "openssl sha" (fixes #120)

21c18dd3 · Lukas Schauer · 5c189483 · 21c18dd3
Commit 21c18dd3 authored Feb 05, 2016 by Lukas Schauer
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

letsencrypt.sh letsencrypt.sh +2 -2

No files found.
--- a/letsencrypt.sh
+++ b/letsencrypt.sh
@@ -158,7 +158,7 @@ init_system() {
  pubExponent64="$(openssl rsa -in "${PRIVATE_KEY}" -noout -text | grep publicExponent | grep -oE "0x[a-f0-9]+" | cut -d'x' -f2 | hex2bin | urlbase64)"
  pubMod64="$(openssl rsa -in "${PRIVATE_KEY}" -noout -modulus | cut -d'=' -f2 | hex2bin | urlbase64)"

-  thumbprint="$(printf '{"e":"%s","kty":"RSA","n":"%s"}' "${pubExponent64}" "${pubMod64}" | openssl sha -sha256 -binary | urlbase64)"
+  thumbprint="$(printf '{"e":"%s","kty":"RSA","n":"%s"}' "${pubExponent64}" "${pubMod64}" | openssl dgst -sha256 -binary | urlbase64)"

  # If we generated a new private key in the step above we have to register it with the acme-server
  if [[ "${register_new_key}" = "yes" ]]; then
@@ -364,7 +364,7 @@ sign_csr() {
        ;;
      "dns-01")
        # Generate DNS entry content for dns-01 validation
-        keyauth_hook="$(printf '%s' "${keyauth}" | openssl sha -sha256 -binary | urlbase64)"
+        keyauth_hook="$(printf '%s' "${keyauth}" | openssl dgst -sha256 -binary | urlbase64)"
        ;;
    esac