From 69a194b2b407b62d39a5ea795ffcf30ee488e422 Mon Sep 17 00:00:00 2001
From: Qian Deng <dengq@vmware.com>
Date: Thu, 9 Dec 2021 16:02:02 +0000
Subject: [PATCH] Fix: using traditional `PKCS#1` format RSA key

The openssl 3.0.0 using newer `PKCS#8` format.
But it's not compatitable with harbor core
So using tradictional format instead

Signed-off-by: Qian Deng <dengq@vmware.com>
---
 make/photon/prepare/utils/cert.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/make/photon/prepare/utils/cert.py b/make/photon/prepare/utils/cert.py
index 2c51b02f5..59a357550 100644
--- a/make/photon/prepare/utils/cert.py
+++ b/make/photon/prepare/utils/cert.py
@@ -46,7 +46,7 @@ def get_alias(path):
 
 @stat_decorator
 def create_root_cert(subj, key_path="./k.key", cert_path="./cert.crt"):
-   rc = subprocess.call(["/usr/bin/openssl", "genrsa", "-out", key_path, "4096"], stdout=DEVNULL, stderr=subprocess.STDOUT)
+   rc = subprocess.call(["/usr/bin/openssl", "genrsa", "-traditional", "-out", key_path, "4096"], stdout=DEVNULL, stderr=subprocess.STDOUT)
    if rc != 0:
         return rc
    return subprocess.call(["/usr/bin/openssl", "req", "-new", "-x509", "-key", key_path,\