From 064a4d7ccbd455c0bde1b527ee8a0453af471148 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Wed, 15 Jun 2016 19:03:32 +0200 Subject: crt.sh: Replace SHA1 by SHA256 as SPKI digest to list certificates. --- certs/gencerts.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'certs') diff --git a/certs/gencerts.sh b/certs/gencerts.sh index 81a27fc..5008f89 100755 --- a/certs/gencerts.sh +++ b/certs/gencerts.sh @@ -21,9 +21,9 @@ x509fpr() { local msg="$1" host cert h spki host="${msg%%,*}"; host="${host%% *}"; host="${host#\`}" cert="$DIR/${host%%:*}.pem" - spki=$(openssl pkey -pubin -outform DER <"$cert" | openssl dgst -sha1 | sed -nr 's/^[^=]+=\s*//p') - [ "$typ" = mdwn ] && printf '\n [%s](https://crt.sh/?spkisha1=%s&iCAID=16418)\n\n' "$msg" "$spki" \ - || printf ' %s\n X.509: https://crt.sh/?spkisha1=%s&iCAID=16418\n SPKI:\n' \ + spki=$(openssl pkey -pubin -outform DER <"$cert" | openssl dgst -sha256 | sed -nr 's/^[^=]+=\s*//p') + [ "$typ" = mdwn ] && printf '\n [%s](https://crt.sh/?spkisha256=%s&iCAID=16418)\n\n' "$msg" "$spki" \ + || printf ' %s\n X.509: https://crt.sh/?spkisha256=%s&iCAID=16418\n SPKI:\n' \ "$( echo "$msg" | tr -d '`' )" "$spki" for h in sha1 sha256; do [ "$typ" = mdwn ] || echo -n ' ' -- cgit v1.2.3