From 08595db2eb8c53e0a8628c77d2de7a49bb755fd1 Mon Sep 17 00:00:00 2001 From: Qian Deng Date: Thu, 9 Dec 2021 16:02:02 +0000 Subject: [PATCH] Fix: using traditional `PKCS#1` format RSA key The openssl 3.0.0 using newer `PKCS#8` format. But it's not compatitable with harbor core So using tradictional format instead Signed-off-by: Qian Deng --- make/photon/prepare/utils/cert.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/make/photon/prepare/utils/cert.py b/make/photon/prepare/utils/cert.py index 2c51b02f5..59a357550 100644 --- a/make/photon/prepare/utils/cert.py +++ b/make/photon/prepare/utils/cert.py @@ -46,7 +46,7 @@ def get_alias(path): @stat_decorator def create_root_cert(subj, key_path="./k.key", cert_path="./cert.crt"): - rc = subprocess.call(["/usr/bin/openssl", "genrsa", "-out", key_path, "4096"], stdout=DEVNULL, stderr=subprocess.STDOUT) + rc = subprocess.call(["/usr/bin/openssl", "genrsa", "-traditional", "-out", key_path, "4096"], stdout=DEVNULL, stderr=subprocess.STDOUT) if rc != 0: return rc return subprocess.call(["/usr/bin/openssl", "req", "-new", "-x509", "-key", key_path,\