Avoid writing ec-parameters to private-key file (fixes #830)
authorLukas Schauer <lukas@schauer.dev>
Sun, 31 Oct 2021 19:20:40 +0000 (20:20 +0100)
committerLukas Schauer <lukas@schauer.dev>
Sun, 31 Oct 2021 19:20:40 +0000 (20:20 +0100)
dehydrated

index eb38116b3ec06f66111206a2a2b3244d92549873..b7e1ff66afec041717470840ec4f3635f85c87d3 100755 (executable)
@@ -1343,7 +1343,7 @@ sign_domain() {
       tmp_privkey="$(_mktemp)"
       case "${KEY_ALGO}" in
         rsa) _openssl genrsa -out "${tmp_privkey}" "${KEYSIZE}";;
-        prime256v1|secp384r1) _openssl ecparam -genkey -name "${KEY_ALGO}" -out "${tmp_privkey}";;
+        prime256v1|secp384r1) _openssl ecparam -genkey -name "${KEY_ALGO}" -out "${tmp_privkey}" -noout;;
       esac
       cat "${tmp_privkey}" > "${certdir}/privkey-${timestamp}.pem"
       rm "${tmp_privkey}"
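Review bot: The `case "${KEY_ALGO}"` around the changed line has no `*)` arm, so any value other than rsa, prime256v1 or secp384r1 leaves the `_mktemp` file empty and the following `cat` writes an empty `privkey-${timestamp}.pem`. Unless KEY_ALGO is validated before this point (not visible here), add a default arm that aborts, for example `*) echo "Unsupported KEY_ALGO: ${KEY_ALGO}" >&2; exit 1;;`. The `case` in the second hunk (rollover key) has the same gap. A short comment next to `-noout` would also help, such as `# -noout: write only the private key, not the EC PARAMETERS block`. The body of sign_domain starts and ends outside this hunk.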
@@ -1360,7 +1360,7 @@ sign_domain() {
       echo " + Generating private rollover key..."
       case "${KEY_ALGO}" in
         rsa) _openssl genrsa -out "${certdir}/privkey.roll.pem" "${KEYSIZE}";;
-        prime256v1|secp384r1) _openssl ecparam -genkey -name "${KEY_ALGO}" -out "${certdir}/privkey.roll.pem";;
+        prime256v1|secp384r1) _openssl ecparam -genkey -name "${KEY_ALGO}" -out "${certdir}/privkey.roll.pem" -noout;;
       esac
     fi
     # delete rolloverkeys if disabled
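Review bot: The rollover key is generated directly into `${certdir}/privkey.roll.pem`, whereas the primary key in the first hunk is generated into a `_mktemp` file and only then copied into place. If openssl fails or is interrupted here, an empty or truncated key file can remain at the final path. A later run might then reuse it if the enclosing condition only tests for the file's existence; that condition lies outside the hunk, so this is an assumption to confirm. Consider following the pattern of the first hunk: `tmp_rollkey="$(_mktemp)"`, then `-out "${tmp_rollkey}" -noout`, then `cat "${tmp_rollkey}" > "${certdir}/privkey.roll.pem"; rm "${tmp_rollkey}"`.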