raviteja-b
commented
1 year ago This commit fixes this issue https://gerrit.openbmc.org/c/openbmc/phosphor-certificate-manager/+/66940
Closed devenrao closed 1 year ago
raviteja-b
commented
1 year ago This commit fixes this issue https://gerrit.openbmc.org/c/openbmc/phosphor-certificate-manager/+/66940
ojayanth
commented
1 year ago Looking at the latest openssl documentation, the issue seems to be not valid now.
https://github.com/openssl/openssl/issues/20663 "RFC 2986 only defines a single version for CSRs: v1(0). However, many people accidentally use an X.509 version (e.g. v3(2)). This results in a proliferation of CSRs that are invalid."
Also you can refer https://stackoverflow.com/questions/75307507/not-getting-version-3-when-creating-a-csr-file-with-openssl for more details.
raviteja-b
commented
1 year ago @ojayanth if this issue is no longer valid now, please close this issue. please merge this commit which remove TODO sections as well. https://gerrit.openbmc.org/c/openbmc/phosphor-certificate-manager/+/66940/
devenrao
commented
1 year ago Based on this "RFC 2986 only defines a single version for CSRs: v1(0). However, many people accidentally use an X.509 version (e.g. v3(2)). This results in a proliferation of CSRs that are invalid."
as there is no change required closing the issue
https://gerrit.openbmc-project.xyz/c/openbmc/phosphor-certificate-manager/+/19383/26/certs_manager.cpp#186