From 21c18dd3b8c2572b894d9ec2e5c3fc2589f56f32 Mon Sep 17 00:00:00 2001
From: Lukas Schauer <lukas@schauer.so>
Date: Fri, 5 Feb 2016 16:02:17 +0100
Subject: [PATCH] use "openssl dgst" instead of "openssl sha" (fixes #120)

---
 letsencrypt.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/letsencrypt.sh b/letsencrypt.sh
index 51b0fd3..b2eff4b 100755
--- a/letsencrypt.sh
+++ b/letsencrypt.sh
@@ -158,7 +158,7 @@ init_system() {
   pubExponent64="$(openssl rsa -in "${PRIVATE_KEY}" -noout -text | grep publicExponent | grep -oE "0x[a-f0-9]+" | cut -d'x' -f2 | hex2bin | urlbase64)"
   pubMod64="$(openssl rsa -in "${PRIVATE_KEY}" -noout -modulus | cut -d'=' -f2 | hex2bin | urlbase64)"
 
-  thumbprint="$(printf '{"e":"%s","kty":"RSA","n":"%s"}' "${pubExponent64}" "${pubMod64}" | openssl sha -sha256 -binary | urlbase64)"
+  thumbprint="$(printf '{"e":"%s","kty":"RSA","n":"%s"}' "${pubExponent64}" "${pubMod64}" | openssl dgst -sha256 -binary | urlbase64)"
 
   # If we generated a new private key in the step above we have to register it with the acme-server
   if [[ "${register_new_key}" = "yes" ]]; then
@@ -364,7 +364,7 @@ sign_csr() {
         ;;
       "dns-01")
         # Generate DNS entry content for dns-01 validation
-        keyauth_hook="$(printf '%s' "${keyauth}" | openssl sha -sha256 -binary | urlbase64)"
+        keyauth_hook="$(printf '%s' "${keyauth}" | openssl dgst -sha256 -binary | urlbase64)"
         ;;
     esac
 
-- 
2.47.2