GenerateCSR: Avoid setting CSR version
Latest openssl displays as unknown version while parsing BMC generated
CSRs over openssl command line
As per openssl discussion in this issue, by default CSR version set to 1
https://github.com/openssl/openssl/issues/20663
The only defined CSR version is X509_REQ_VERSION_1, so there is no need
to call X509_REQ_set_version() to set version explicitly
This commit avoids calling X509_REQ_set_version() to set CSR version
Tested By:
1.Generate CSR using redfish interface
2.Parse csr using openssl and check version
openssl req -in csr.txt -noout -text
Certificate Request:
Data:
Version: 1 (0x0)
Change-Id: I29dfc50e661d39fe7930d65079abfee924745d21
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>
diff --git a/certs_manager.cpp b/certs_manager.cpp
index 53a0bb3..b4e396f 100644
--- a/certs_manager.cpp
+++ b/certs_manager.cpp
@@ -546,16 +546,7 @@
{
int ret = 0;
- // set version of x509 req
- int nVersion = 1;
X509ReqPtr x509Req(X509_REQ_new(), ::X509_REQ_free);
- ret = X509_REQ_set_version(x509Req.get(), nVersion);
- if (ret == 0)
- {
- lg2::error("Error occurred during X509_REQ_set_version call");
- ERR_print_errors_fp(stderr);
- elog<InternalFailure>();
- }
// set subject of x509 req
X509_NAME* x509Name = X509_REQ_get_subject_name(x509Req.get());