From: Lukas Schauer <lukas@schauer.so>
Date: Fri, 5 Feb 2016 15:02:17 +0000 (+0100)
Subject: use "openssl dgst" instead of "openssl sha" (fixes #120)
X-Git-Tag: v0.1.0~32
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=21c18dd3b8c2572b894d9ec2e5c3fc2589f56f32;p=thirdparty%2Fdehydrated.git

use "openssl dgst" instead of "openssl sha" (fixes #120)
---

diff --git a/letsencrypt.sh b/letsencrypt.sh
index 51b0fd3..b2eff4b 100755
--- a/letsencrypt.sh
+++ b/letsencrypt.sh
@@ -158,7 +158,7 @@ init_system() {
   pubExponent64="$(openssl rsa -in "${PRIVATE_KEY}" -noout -text | grep publicExponent | grep -oE "0x[a-f0-9]+" | cut -d'x' -f2 | hex2bin | urlbase64)"
   pubMod64="$(openssl rsa -in "${PRIVATE_KEY}" -noout -modulus | cut -d'=' -f2 | hex2bin | urlbase64)"
 
-  thumbprint="$(printf '{"e":"%s","kty":"RSA","n":"%s"}' "${pubExponent64}" "${pubMod64}" | openssl sha -sha256 -binary | urlbase64)"
+  thumbprint="$(printf '{"e":"%s","kty":"RSA","n":"%s"}' "${pubExponent64}" "${pubMod64}" | openssl dgst -sha256 -binary | urlbase64)"
 
   # If we generated a new private key in the step above we have to register it with the acme-server
   if [[ "${register_new_key}" = "yes" ]]; then
@@ -364,7 +364,7 @@ sign_csr() {
         ;;
       "dns-01")
         # Generate DNS entry content for dns-01 validation
-        keyauth_hook="$(printf '%s' "${keyauth}" | openssl sha -sha256 -binary | urlbase64)"
+        keyauth_hook="$(printf '%s' "${keyauth}" | openssl dgst -sha256 -binary | urlbase64)"
         ;;
     esac