# HG changeset patch
# User Kim Alvefur <zash@zash.se>
# Date 1410387029 -7200
# Node ID 61801dacc90b1d7ae5b26eb1b2beafecc3b1aacc
# Parent  938cc782c14d4715922e9acb5844c1d3a58d1ba9
prosodyctl: Use sha256 for certificate requests and self-signed certificates

diff -r 938cc782c14d -r 61801dacc90b prosodyctl
--- a/prosodyctl	Thu Sep 11 00:09:07 2014 +0200
+++ b/prosodyctl	Thu Sep 11 00:10:29 2014 +0200
@@ -736,7 +736,7 @@
 		end
 		local _, key_filename = cert_commands.key({arg[1]});
 		local _, conf_filename = cert_commands.config(arg);
-		if openssl.req{new=true, key=key_filename, utf8=true, config=conf_filename, out=req_filename} then
+		if openssl.req{new=true, key=key_filename, utf8=true, sha256=true, config=conf_filename, out=req_filename} then
 			show_message("Certificate request written to ".. req_filename);
 		else
 			show_message("There was a problem, see OpenSSL output");
@@ -757,7 +757,7 @@
 		local ret;
 		if key_filename and conf_filename and cert_filename
 			and openssl.req{new=true, x509=true, nodes=true, key=key_filename,
-				days=365, sha1=true, utf8=true, config=conf_filename, out=cert_filename} then
+				days=365, sha256=true, utf8=true, config=conf_filename, out=cert_filename} then
 			show_message("Certificate written to ".. cert_filename);
 		else
 			show_message("There was a problem, see OpenSSL output");