Older openssl versions (1.0.1/1.0.2) do not seem to support '-' for /dev/stdin. (#279)

2026-05-06 05:12:54 +00:00 · 2021-09-15 20:42:52 +02:00
parent eea7bfc6bf
commit 598cdf0a21
2 changed files with 4 additions and 2 deletions
--- a/changelogs/fragments/279-acme-openssl.yml
+++ b/changelogs/fragments/279-acme-openssl.yml
@@ -0,0 +1,2 @@
+bugfixes:
+  - "acme_* modules - fix commands composed for OpenSSL backend to retrieve information on CSRs and certificates from stdin to use ``/dev/stdin`` instead of ``-``. This is needed for OpenSSL 1.0.1 and 1.0.2, apparently (https://github.com/ansible-collections/community.crypto/pull/279)."
--- a/plugins/module_utils/acme/backend_openssl_cli.py
+++ b/plugins/module_utils/acme/backend_openssl_cli.py
@@ -230,7 +230,7 @@ class OpenSSLCLIBackend(CryptoBackend):
        filename = csr_filename
        data = None
        if csr_content is not None:
-            filename = '-'
+            filename = '/dev/stdin'
            data = csr_content.encode('utf-8')

        openssl_csr_cmd = [self.openssl_binary, "req", "-in", filename, "-noout", "-text"]
@@ -267,7 +267,7 @@ class OpenSSLCLIBackend(CryptoBackend):
        filename = cert_filename
        data = None
        if cert_content is not None:
-            filename = '-'
+            filename = '/dev/stdin'
            data = cert_content.encode('utf-8')
            cert_filename_suffix = ''
        elif cert_filename is not None: