diff --git a/api_auth_docker/tests/test-gatekeeper.sh b/api_auth_docker/tests/test-gatekeeper.sh
index 744b08d..abb9b1b 100755
--- a/api_auth_docker/tests/test-gatekeeper.sh
+++ b/api_auth_docker/tests/test-gatekeeper.sh
@@ -196,7 +196,6 @@ generate_token() {
 trace 3 "[generate_token] d=${d}\n"
 local p64=$(exec_in_test_container sh -c "echo -n '{\"id\":\"${id}\",\"exp\":${d}}' | basenc --base64url | tr -d '='")
 trace 3 "[generate_token] p64=${p64}\n"
- # local s=$(echo -n "${h64}.${p64}" | openssl dgst -hmac "${key}" -sha256 -r | cut -sd ' ' -f1)
 local sig=$(exec_in_test_container sh -c "echo -n \"${h64}.${p64}\" | openssl dgst -hmac \"${key}\" -sha256 -r -binary | basenc --base64url | tr -d '='")
 trace 3 "[generate_token] sig=${sig}\n"
 local token="${h64}.${p64}.${sig}"
diff --git a/clients/shell/cyphernode-client.sh b/clients/shell/cyphernode-client.sh
index 237c1f7..729238d 100644
--- a/clients/shell/cyphernode-client.sh
+++ b/clients/shell/cyphernode-client.sh
@@ -8,7 +8,7 @@ invoke_cyphernode()
 local post=${2}
 local p64=$(echo -n '{"id":"'${id}'","exp":'$((`date +"%s"`+10))'}' | basenc --base64url | tr -d '=')
- local s=$(echo -n "$h64.$p64" | openssl dgst -hmac "$key" -sha256 -r | cut -sd ' ' -f1)
+ local s=$(echo -n "$h64.$p64" | openssl dgst -hmac "$key" -sha256 -r -binary | basenc --base64url | tr -d '=')
 local token="$h64.$p64.$s"
 if [ -n "${post}" ]; then
diff --git a/cyphernodeconf_docker/templates/installer/testfeatures.sh b/cyphernodeconf_docker/templates/installer/testfeatures.sh
index 8b1140b..3d113d7 100644
--- a/cyphernodeconf_docker/templates/installer/testfeatures.sh
+++ b/cyphernodeconf_docker/templates/installer/testfeatures.sh
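Review bot: In clients/shell/cyphernode-client.sh, the new `local s=$(... | basenc --base64url | tr -d '=')` line in invoke_cyphernode never checks that a signature was actually produced: `local` returns 0 whatever the pipeline does, so if `openssl` or `basenc` is missing or fails, `s` is empty and the request is sent as `$h64.$p64.` with no signature. The caller would then presumably see only a rejection from the gatekeeper, with nothing pointing at the local failure. A guard right after the assignment, `[ -n "$s" ] || { echo "signature generation failed" >&2; return 1; }`, fails early; the same unchecked pattern recurs in the four `s=$(...)` lines changed in testfeatures.sh (hunks at -17, -27, -45 and -56). Separately, `-hmac "$key"` places the API key on openssl's command line, where it is presumably visible in the process list to other local users while the command runs. invoke_cyphernode's body starts and ends outside the hunk.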
@@ -17,7 +17,7 @@ checkgatekeeper() {
 # Let's test expiration: 1 second in payload, request 2 seconds later
 local p64=$(echo -n '{"id":"'${id}'","exp":'$(date +"%s")'}' | basenc --base64url | tr -d '=')
- local s=$(echo -n "$h64.$p64" | openssl dgst -hmac "$k" -sha256 -r | cut -sd ' ' -f1)
+ local s=$(echo -n "$h64.$p64" | openssl dgst -hmac "$k" -sha256 -r -binary | basenc --base64url | tr -d '=')
 local token="$h64.$p64.$s"
 echo " Testing expired request... " > /dev/console
@@ -27,12 +27,12 @@ checkgatekeeper() {
 # Let's test authentication (signature)
 p64=$(echo -n '{"id":"'${id}'","exp":'$((`date +"%s"`+10))'}' | basenc --base64url | tr -d '=')
- s=$(echo -n "$h64.$p64" | openssl dgst -hmac "$k" -sha256 -r | cut -sd ' ' -f1)
+ s=$(echo -n "$h64.$p64" | openssl dgst -hmac "$k" -sha256 -r -binary | basenc --base64url | tr -d '=')
 token="$h64.$p64.a$s"
 echo " Testing bad signature... " > /dev/console
 rc=$(curl -s -o /dev/null -w "%{http_code}" -H "Authorization: Bearer $token" --cacert /gatekeeper/certs/cert.pem https://gatekeeper:<%= gatekeeper_port %>/v0/getblockinfo)
- [ "${rc}" -ne "403" ] && return 30
+ [ "${rc}" -ne "401" ] && return 30
 # Let's test authorization (action access for groups)
@@ -45,7 +45,7 @@ checkgatekeeper() {
 id="002"
 eval k='$ukey_'$id
 p64=$(echo -n '{"id":"'${id}'","exp":'$((`date +"%s"`+10))'}' | basenc --base64url | tr -d '=')
- s=$(echo -n "$h64.$p64" | openssl dgst -hmac "$k" -sha256 -r | cut -sd ' ' -f1)
+ s=$(echo -n "$h64.$p64" | openssl dgst -hmac "$k" -sha256 -r -binary | basenc --base64url | tr -d '=')
 token="$h64.$p64.$s"
 echo " Testing spender trying to do an internal action call... " > /dev/console
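Review bot: In the `@@ -27,12` hunk of testfeatures.sh, the updated check `[ "${rc}" -ne "401" ] && return 30` fails open when `rc` is not a number: if curl yields no status at all (empty `rc`), `[` reports an error with exit status 2, the `&&` branch is skipped and the bad-signature test counts as passed. A string comparison that returns on anything but the expected code avoids this: `[ "${rc}" = "401" ] || return 30`. The tampered token is also built only by prepending `a` to a valid signature, which changes its length, so a gatekeeper that rejected on length or decoding alone would satisfy this test; a second case with a same-length signature (for example one computed with a different key) would exercise the HMAC comparison itself. checkgatekeeper's body continues outside the hunk.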
@@ -56,7 +56,7 @@ checkgatekeeper() {
 id="003"
 eval k='$ukey_'$id
 p64=$(echo -n '{"id":"'${id}'","exp":'$((`date +"%s"`+10))'}' | basenc --base64url | tr -d '=')
- s=$(echo -n "$h64.$p64" | openssl dgst -hmac "$k" -sha256 -r | cut -sd ' ' -f1)
+ s=$(echo -n "$h64.$p64" | openssl dgst -hmac "$k" -sha256 -r -binary | basenc --base64url | tr -d '=')
 token="$h64.$p64.$s"
 echo " Testing admin trying to do an internal action call... " > /dev/console
diff --git a/doc/README.md b/doc/README.md
index c14431d..29afb4b 100644
--- a/doc/README.md
+++ b/doc/README.md
@@ -79,7 +79,7 @@ Currently, basic LN functionalities is offered by Cyphernode. You can:
 If you need the authorization header to copy/paste in another tool, put your API ID (id=) and API key (k=) in the following command:
 ```shell
-id="003";h64=$(echo -n "{\"alg\":\"HS256\",\"typ\":\"JWT\"}" | base64);p64=$(echo -n "{\"id\":\"$id\",\"exp\":$((`date +"%s"`+60))}" | base64);k="b9b8d527a1a27af2ad1697db3521f883760c342fc386dbc42c4efbb1a4d5e0af";s=$(echo -n "$h64.$p64" | openssl dgst -hmac "$k" -sha256 -r | cut -sd ' ' -f1);token="$h64.$p64.$s";echo "Bearer $token"
+id="003";key="b9b8d527a1a27af2ad1697db3521f883760c342fc386dbc42c4efbb1a4d5e0af";h64=$(echo -n '{"alg":"HS256","typ":"JWT"}' | basenc --base64url | tr -d '=');p64=$(echo -n '{"id":"'${id}'","exp":'$((`date +"%s"`+10))'}' | basenc --base64url | tr -d '=');sig=$(echo -n "${h64}.${p64}" | openssl dgst -hmac "${key}" -sha256 -r -binary | basenc --base64url | tr -d '=');token="${h64}.${p64}.${sig}";echo "Bearer $token"
 ```
 Directly using curl on command line, put your API ID (id=) and API key (k=) in the following commands: