From 6a1f4320005fd90d421664b650956ba9565e8208 Mon Sep 17 00:00:00 2001
From: Timothe Litt <litt@acm.org>
Date: Fri, 27 Sep 2019 11:58:04 -0400
Subject: [PATCH] work-around for http2 syntax differences

Newer curl uses http2 by default, results in

getssl: Error registering account ... JWS has no anti-replay nonce

Force http1.1 as a work-around.

Also add debugging info for "error in EC signing".issue opened
---
 getssl | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/getssl b/getssl
index e869b86..1453870 100755
--- a/getssl
+++ b/getssl
@@ -1139,7 +1139,7 @@ send_signed_request() { # Sends a request to the ACME server, signed with your p
 
   CURL_HEADER="$TEMP_DIR/curl.header"
   dp="$TEMP_DIR/curl.dump"
-  CURL="curl --silent --dump-header $CURL_HEADER "
+  CURL="curl --http1.1 --silent --dump-header $CURL_HEADER "
   if [[ ${_USE_DEBUG} -eq 1 ]]; then
     CURL="$CURL --trace-ascii $dp "
   fi
@@ -1232,7 +1232,7 @@ sign_string() { # sign a string with a given key and algorithm and return urlbas
       R=$(echo "$signed" | cut -c 11-142)
       part2=$(echo "$signed" | cut -c 143-)
     else
-      error_exit "error in EC signing couldn't get R from $signed"
+      error_exit "error in EC signing couldn't get R from $signed ($signalg using $key)"
     fi
     debug "R $R"