Diff

prosodyctl @ 6405:61801dacc90b

prosodyctl: Use sha256 for certificate requests and self-signed certificates
author Kim Alvefur <zash@zash.se>
date Thu, 11 Sep 2014 00:10:29 +0200
parent 6367:769a3577dd85
child 6486:64146196b142
line wrap: on
line diff
--- a/prosodyctl	Thu Sep 11 00:09:07 2014 +0200
+++ b/prosodyctl	Thu Sep 11 00:10:29 2014 +0200
@@ -736,7 +736,7 @@
 		end
 		local _, key_filename = cert_commands.key({arg[1]});
 		local _, conf_filename = cert_commands.config(arg);
-		if openssl.req{new=true, key=key_filename, utf8=true, config=conf_filename, out=req_filename} then
+		if openssl.req{new=true, key=key_filename, utf8=true, sha256=true, config=conf_filename, out=req_filename} then
 			show_message("Certificate request written to ".. req_filename);
 		else
 			show_message("There was a problem, see OpenSSL output");
@@ -757,7 +757,7 @@
 		local ret;
 		if key_filename and conf_filename and cert_filename
 			and openssl.req{new=true, x509=true, nodes=true, key=key_filename,
-				days=365, sha1=true, utf8=true, config=conf_filename, out=cert_filename} then
+				days=365, sha256=true, utf8=true, config=conf_filename, out=cert_filename} then
 			show_message("Certificate written to ".. cert_filename);
 		else
 			show_message("There was a problem, see OpenSSL output");