certbot: Utiliser pkey pour tester clé

2024-02-20 16:11:59 +01:00 · 2024-02-20 16:11:59 +01:00 · a0fc763a0c
parent a56e8c27ee
commit a0fc763a0c
3 changed files with 5 additions and 4 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -90,6 +90,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
 * vrrpd: variable to force update the switch script (default: false)
 * webapps/nextcloud: Add Ceph volume to fstab
 * webapps/nextcloud: Set home directory's mode
+* certbot: Utiliser pkey pour tester clé

 ### Fixed

--- a/certbot/files/hooks/deploy/hapee.sh
+++ b/certbot/files/hooks/deploy/hapee.sh
@ -39,8 +39,8 @@ concat_files() {
    chown root: "${hapee_cert_file}"
 }
 cert_and_key_mismatch() {
-    hapee_cert_md5=$(openssl x509 -noout -modulus -in "${hapee_cert_file}" | openssl md5)
-    hapee_key_md5=$(openssl rsa -noout -modulus -in "${hapee_cert_file}" | openssl md5)
+    hapee_cert_md5=$(openssl x509 -noout -pubkey -in "${hapee_cert_file}" | openssl md5)
+    hapee_key_md5=$(openssl pkey -noout -pubout -in "${hapee_cert_file}" | openssl md5)

    test "${hapee_cert_md5}" != "${hapee_key_md5}"
 }
--- a/certbot/files/hooks/deploy/haproxy.sh
+++ b/certbot/files/hooks/deploy/haproxy.sh
@ -29,8 +29,8 @@ concat_files() {
    chown root: "${haproxy_cert_file}"
 }
 cert_and_key_mismatch() {
-    haproxy_cert_md5=$(openssl x509 -noout -modulus -in "${haproxy_cert_file}" | openssl md5)
-    haproxy_key_md5=$(openssl rsa -noout -modulus -in "${haproxy_cert_file}" | openssl md5)
+    haproxy_cert_md5=$(openssl x509 -noout -pubkey -in "${haproxy_cert_file}" | openssl md5)
+    haproxy_key_md5=$(openssl pkey -noout -pubout -in "${haproxy_cert_file}" | openssl md5)

    test "${haproxy_cert_md5}" != "${haproxy_key_md5}"
 }