From c17cf529c48659d10eb3444c9f628f895e9cfead Mon Sep 17 00:00:00 2001 From: Thomas Lange Date: Tue, 1 Nov 2022 14:22:29 +0100 Subject: Use PEM format for temporary CSR file The Certificate-Signing-Request file which is passed to Certbot must be encoded either in PEM or DER format. Because PEM is the default, we can omit the unnecessary "-outform der" option of the openssl command. --- package/sbin/painless-le | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'package') diff --git a/package/sbin/painless-le b/package/sbin/painless-le index 124bbe8..d910db0 100755 --- a/package/sbin/painless-le +++ b/package/sbin/painless-le @@ -80,7 +80,7 @@ trap 'rm ${REQUESTFILE}' EXIT # Create Certificate-Signing-Request #=============================================================================== openssl req -config <(cat "${OPENSSLCONF}" <(printf "[SAN]\nsubjectAltName=DNS:`echo ${DNS_DOMAIN} | sed "s/ /,DNS:/g"`")) \ - -new -sha256 -key "${CONFIDENTIAL}" -out "${REQUESTFILE}" -outform der -reqexts SAN -subj "/" + -new -sha256 -key "${CONFIDENTIAL}" -out "${REQUESTFILE}" -reqexts SAN -subj "/" #=============================================================================== # Check if Certificate-Signing-Request creation failed -- cgit v1.2.3