diff --git a/getssl b/getssl
index 8269195..48b2655 100755
--- a/getssl
+++ b/getssl
@@ -1445,7 +1445,7 @@ send_signed_request() { # Sends a request to the ACME server, signed with your p
       responseHeaders=$(cat "$CURL_HEADER")
       if [[ "$needbase64" && ${response##*()} != "{"* ]]; then
         # response is in base64 too, decode
-        response=$(echo "$response" | base64 -d 2>&1)
+        response=$(urlbase64_decode "$response")
       fi
 
       debug responseHeaders "$responseHeaders"
@@ -1561,6 +1561,18 @@ urlbase64() { # urlbase64: base64 encoded string with '+' replaced with '-' and
   openssl base64 -e | tr -d '\n\r' | os_esed -e 's:=*$::g' -e 'y:+/:-_:'
 }
 
+# base64url decode
+# From: https://gist.github.com/alvis/89007e96f7958f2686036d4276d28e47
+urlbase64_decode() {
+  INPUT=$1 # $(if [ -z "$1" ]; then echo -n $(cat -); else echo -n "$1"; fi)
+  MOD=$(($(echo -n "$INPUT" | wc -c) % 4))
+  PADDING=$(if [ $MOD -eq 2 ]; then echo -n '=='; elif [ $MOD -eq 3 ]; then echo -n '=' ; fi)
+  echo -n "$INPUT$PADDING" |
+    sed s/-/+/g |
+    sed s/_/\\//g |
+    openssl base64 -d -A
+}
+
 usage() { # echos out the program usage
   echo "Usage: $PROGNAME [-h|--help] [-d|--debug] [-c|--create] [-f|--force] [-a|--all] [-q|--quiet]"\
        "[-Q|--mute] [-u|--upgrade] [-k|--keep #] [-U|--nocheck] [-r|--revoke cert key] [-w working_dir] domain"