do not keep CSRs
[lets-encrypt-tiny.git] / gencsr
diff --git a/gencsr b/gencsr
index 2e33a6a57ff51989b5f79768b1155475a7ee5c44..d4d17c6de73038fb5061da54b56ae802edd71fab 100755 (executable)
--- a/gencsr
+++ b/gencsr
@@ -9,7 +9,7 @@ shift
 
 test -f "$KEY" || (echo "Usage: $0 KEY.key DOMAIN1 DOMAIN2"; exit 1)
 
-openssl req -new -sha256 -key "$1" -subj "/" -reqexts SAN \
+openssl req -new -sha256 -key "$KEY" -subj "/" -reqexts SAN \
   -config <(cat /etc/ssl/openssl.cnf \
   <(echo "[SAN]"; echo -n "subjectAltName="; unset COMMA; \
     for domain in "$@"; do test -n "$COMMA" && echo -n ","; echo -n "DNS:$domain"; COMMA=1; done; echo) \