Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-85814

sscg generates CSRs with the wrong version [rhel-10]

Linking RHIVOS CVEs to...Migration: Automation ...RHELPRIO AssignedTeam ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Undefined Undefined
    • rhel-10.1
    • rhel-10.1
    • sscg
    • None
    • sscg-3.0.5-10.el10
    • No
    • Important
    • rhel-stacks-web-servers
    • ssg_core_services
    • 9
    • 10
    • 2
    • False
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • Unspecified
    • Unspecified
    • Unspecified
    • All
    • None

      What were you trying to do that didn't work?

      Use sscg to generate a privately-signed certificate. When OpenSSL is upgraded to 3.5, sscg errors with "Error occurred in X509_REQ_set_version: [error:05880106:x509 certificate routines::passed invalid argument]."

      What is the impact of this issue to you?

      sscg will not work properly and any application that relies on it will not be able to generate initial privately-signed certificates.

      Please provide the package NVR for which the bug is seen:

      sscg-3.0.0-7.el9
      sscg-3.0.5-9.el10

      How reproducible is this bug?:

      Every time

      Steps to reproduce

      1. Update the openssl package to 3.5.0+
      2. Run `sscg` with any set of valid arguments

      Expected results

      Certificates should be generated

      Actual results

      Error occurred in X509_REQ_set_version: [error:05880106:x509 certificate routines::passed invalid argument].

        1. noname
          3 kB

              sgallagh@redhat.com Stephen Gallagher
              sgallagh@redhat.com Stephen Gallagher
              Stephen Gallagher Stephen Gallagher
              Branislav Náter Branislav Náter
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: