@@ -99,12 +99,15 @@
     char notBefore[BUFSIZ];
     char notAfter[BUFSIZ];
     char certStr[BUFSIZ];
 #ifndef NO_SSL_SHA
     int shai;
-    char sha_hash[SHA_DIGEST_LENGTH*2];
+    char sha_hash_ascii[SHA_DIGEST_LENGTH * 2 + 1];
+    unsigned char sha_hash_binary[SHA_DIGEST_LENGTH];
     const char *shachars="0123456789ABCDEF";
+
+    sha_hash_ascii[SHA_DIGEST_LENGTH * 2] = '\0';
 #endif
 
     certStr[0] = 0;
     if ((bio = BIO_new(BIO_s_mem())) == NULL) {
 	subject[0] = 0;
@@ -116,47 +119,45 @@
 
 	X509_NAME_print_ex(bio, X509_get_subject_name(cert), 0, flags); 
 	n = BIO_read(bio, subject, min(BIO_pending(bio), BUFSIZ - 1));
 	n = max(n, 0);
 	subject[n] = 0;
-	BIO_flush(bio);
+	(void)BIO_flush(bio);
 
 	X509_NAME_print_ex(bio, X509_get_issuer_name(cert), 0, flags);
 	n = BIO_read(bio, issuer, min(BIO_pending(bio), BUFSIZ - 1));
 	n = max(n, 0);
 	issuer[n] = 0;
-	BIO_flush(bio);
+	(void)BIO_flush(bio);
 
 	i2a_ASN1_INTEGER(bio, X509_get_serialNumber(cert));
 	n = BIO_read(bio, serial, min(BIO_pending(bio), BUFSIZ - 1));
 	n = max(n, 0);
 	serial[n] = 0;
-	BIO_flush(bio);
+	(void)BIO_flush(bio);
 
         if (PEM_write_bio_X509(bio, cert)) {
             n = BIO_read(bio, certStr, min(BIO_pending(bio), BUFSIZ - 1));
             n = max(n, 0);
             certStr[n] = 0;
-            BIO_flush(bio);
+            (void)BIO_flush(bio);
         }
 
 	BIO_free(bio);
     }
 
     strcpy( notBefore, ASN1_UTCTIME_tostr( X509_get_notBefore(cert) ));
     strcpy( notAfter, ASN1_UTCTIME_tostr( X509_get_notAfter(cert) ));
 
 #ifndef NO_SSL_SHA
-    for (shai=0;shai<SHA_DIGEST_LENGTH;shai++)
-    {
-        sha_hash[shai * 2]=shachars[(cert->sha1_hash[shai] & 0xF0) >> 4];
-        sha_hash[shai * 2 + 1]=shachars[(cert->sha1_hash[shai] & 0x0F)];
-    }
-    Tcl_ListObjAppendElement( interp, certPtr,
-	    Tcl_NewStringObj( "sha1_hash", -1) );
-    Tcl_ListObjAppendElement( interp, certPtr,
-	    Tcl_NewStringObj( sha_hash, SHA_DIGEST_LENGTH*2) );
+    X509_digest(cert, EVP_sha1(), sha_hash_binary, NULL);
+    for (shai = 0; shai < SHA_DIGEST_LENGTH; shai++) {
+        sha_hash_ascii[shai * 2]     = shachars[(sha_hash_binary[shai] & 0xF0) >> 4];
+        sha_hash_ascii[shai * 2 + 1] = shachars[(sha_hash_binary[shai] & 0x0F)];
+    }
+    Tcl_ListObjAppendElement( interp, certPtr, Tcl_NewStringObj("sha1_hash", -1) );
+    Tcl_ListObjAppendElement( interp, certPtr, Tcl_NewStringObj(sha_hash_ascii, SHA_DIGEST_LENGTH * 2) );
 
 #endif
     Tcl_ListObjAppendElement( interp, certPtr,
 	    Tcl_NewStringObj( "subject", -1) );
     Tcl_ListObjAppendElement( interp, certPtr,