Description
Describe the bug
Receiving certs from any Dogtag PKI fails with an error, because the letsencrypt directory response is spread over multiple lines while Dogtag PKI returns its JSON in a single line, which is therefore not compatible with getssl.
getssl cannot initialize its variables, because the response in $ca_all_loc is only a single line:
---cut---
# APIv1
URL_new_reg=$(echo "$ca_all_loc" | grep "new-reg" | awk -F'"' '{print $4}')
URL_new_authz=$(echo "$ca_all_loc" | grep "new-authz" | awk -F'"' '{print $4}')
URL_new_cert=$(echo "$ca_all_loc" | grep "new-cert" | awk -F'"' '{print $4}')
#API v2
URL_newAccount=$(echo "$ca_all_loc" | grep "newAccount" | awk -F'"' '{print $4}')
URL_newNonce=$(echo "$ca_all_loc" | grep "newNonce" | awk -F'"' '{print $4}')
URL_newOrder=$(echo "$ca_all_loc" | grep "newOrder" | awk -F'"' '{print $4}')
URL_revoke=$(echo "$ca_all_loc" | grep "revokeCert" | awk -F'"' '{print $4}')
---cut---
To Reproduce
Install Dogtag PKI with the ACME extension and try to get a certificate in the same way as with letsencrypt.
In the localhost_access_log of Dogtag you can find:
172.25.221.171 - - [20/Oct/2025:12:46:05 +0200] "POST /acme/v1/new-nonce HTTP/1.1" 405 -
getssl is trying to register the account with the new-nonce URL.
Expected behavior
Same behavior as with letsencrypt
Operating system (please complete the following information):
- OS: all
- Bash Version: all
Additional context
Bugfix for Dogtag PKI:
ca_all_loc=$(curl ${_NOMETER} --user-agent "$CURL_USERAGENT" "${CA}${suffix}" 2> $CURL_RESPONSE_FILE |sed -e 's#,"#,\n"#g')
But maybe better (though it adds a dependency) would be:
ca_all_loc=$(curl ${_NOMETER} --user-agent "$CURL_USERAGENT" "${CA}${suffix}" 2> $CURL_RESPONSE_FILE | jq)
Would be glad to find some fix in main line some day :-)
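
The failure mode reported above, reproduced as an added example that is not getssl's own code: on a single-line directory, the line-based `grep | awk` extraction returns the first URL in the document for every key, while an extraction that splits members first returns the right endpoint and fails closed otherwise. The helper names `legacy_url` and `acme_dir_url`, the `ca.example.test` host and the key order of the sample directories are assumptions made for the illustration.

```shell
#!/bin/sh
# Constructed sample directories (placeholder host, not taken from the issue).
# Key order in the one-line sample is an assumption: newNonce comes first so
# that the symptom from the access log is reproduced.
DIR_ONE_LINE='{"newNonce":"https://ca.example.test/acme/new-nonce","newAccount":"https://ca.example.test/acme/new-account","newOrder":"https://ca.example.test/acme/new-order","revokeCert":"https://ca.example.test/acme/revoke-cert"}'
DIR_MULTI_LINE='{
  "newAccount": "https://ca.example.test/acme/new-account",
  "newNonce": "https://ca.example.test/acme/new-nonce",
  "newOrder": "https://ca.example.test/acme/new-order",
  "revokeCert": "https://ca.example.test/acme/revoke-cert"
}'

# Extraction pattern quoted in the issue: assumes one member per line.
legacy_url() {  # $1 = directory JSON, $2 = key
  echo "$1" | grep "$2" | awk -F'"' '{print $4}'
}

# Layout-independent extraction (hypothetical helper). Same idea as the sed
# workaround in the issue, done in awk: break before every member that
# follows "{" or ",", then require an exact match on the quoted key.
acme_dir_url() {  # $1 = directory JSON, $2 = key
  local url
  url=$(printf '%s\n' "$1" | tr -d '\r' | awk -v k="$2" '{
          gsub(/[{,][ \t]*"/, "\n\"")
          n = split($0, member, "\n")
          for (i = 1; i <= n; i++) {
            split(member[i], f, "\"")
            if (f[2] == k) { print f[4]; exit }
          }
        }')
  # Fail closed: never hand an empty or non-HTTPS endpoint to the caller,
  # so a parsing miss stops the run instead of POSTing to the wrong URL.
  case "$url" in
    https://*) printf '%s\n' "$url" ;;
    *) echo "directory has no usable \"$2\" URL" >&2; return 1 ;;
  esac
}

# Run only when executed directly with arguments, e.g.: script.sh newAccount
if [ $# -eq 1 ]; then
  echo "legacy : $(legacy_url "$DIR_ONE_LINE" "$1")"
  echo "fixed  : $(acme_dir_url "$DIR_ONE_LINE" "$1")"
fi
```

With the one-line sample, `legacy_url` yields the new-nonce URL when asked for `newAccount`, which is consistent with the `POST ... new-nonce ... 405` entry in the access log.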