EOF
- openssl req -config $TMPFILE -new -key ${SSLKEYDIR}/apache2-ca.key -out ${SSLKEYDIR}/apache2-ca.csr
+ openssl req -sha256 -config $TMPFILE -new -key ${SSLKEYDIR}/apache2-ca.key -out ${SSLKEYDIR}/apache2-ca.csr
fi
if [ ! -f ${SSLCRTDIR}/apache2-ca.pem ] || [ -n "$KEYS" ]; then
nsCertType = sslCA
EOT
- openssl x509 -extfile $TMPFILE -days 3651 -signkey ${SSLKEYDIR}/apache2-ca.key \
+ openssl x509 -sha256 -extfile $TMPFILE -days 3651 -signkey ${SSLKEYDIR}/apache2-ca.key \
-in ${SSLKEYDIR}/apache2-ca.csr -req -out ${SSLCRTDIR}/apache2-ca.pem
KEYS="${KEYS}
- ${SSLCRTDIR}/apache2-ca.pem"
fi
-mod1=`openssl x509 -noout -modulus -in ${SSLCRTDIR}/apache2-ca.pem`
+mod1=`openssl x509 -sha256 -noout -modulus -in ${SSLCRTDIR}/apache2-ca.pem`
mod2=`openssl rsa -noout -modulus -in ${SSLKEYDIR}/apache2-ca.key`
if [ "$mod1" != "$mod2" ]; then
fi
cd ${SSLCRTDIR}
-ln -sf apache2-ca.pem $(openssl x509 -hash -noout -in apache2-ca.pem)
+ln -sf apache2-ca.pem $(openssl x509 -sha256 -hash -noout -in apache2-ca.pem)
# Generate server certificate
sed "s/HOST/$FQDN/g; s/DOMAIN/$DOMAIN/g; s/WEBMASTER/$WEBMASTER/g" \
< $A2CNDIR/templates/openssl.cnf > "$TMPFILE"
-openssl req -config "$TMPFILE" -new -nodes \
+openssl req -sha256 -config "$TMPFILE" -new -nodes \
-key ${SSLKEYDIR}/apache2.key -out ${SSLKEYDIR}/apache2.csr
-openssl x509 -extfile "$TMPFILE" -days 3650 \
+openssl x509 -sha256 -extfile "$TMPFILE" -days 3650 \
-CAserial "$TMPFILE2" -CA ${SSLCRTDIR}/apache2-ca.pem -CAkey ${SSLKEYDIR}/apache2-ca.key \
-in ${SSLKEYDIR}/apache2.csr -req -out ${SSLCRTDIR}/apache2.pem
-mod1=`openssl x509 -noout -modulus -in ${SSLCRTDIR}/apache2.pem`
+mod1=`openssl x509 -sha256 -noout -modulus -in ${SSLCRTDIR}/apache2.pem`
mod2=`openssl rsa -noout -modulus -in ${SSLKEYDIR}/apache2.key`
if [ "$mod1" != "$mod2" ]; then
- ${SSLKEYDIR}/apache2.key"
cd ${SSLCRTDIR}
-ln -sf apache2.pem $(openssl x509 -hash -noout -in apache2.pem)
+ln -sf apache2.pem $(openssl x509 -sha256 -hash -noout -in apache2.pem)
# Fix file access permissions.