|Subject:||enhancement to support "old" openssl versions|
running on centos 6.x ... dist openssl version says 1.0.1, but those package versions are somewhat deceptive; they contain backported patches for security issues ... so, even though my openssl is ok, i ran into this letsencrypt issue the other night:long story short, their now-stricter asn parser rejects csrs where the x509 version is unset, which happens with some "old" versions of openssl. the current version of crypt::le doesn't handle this, so i had to hack mine to get cert renewal working again. it's a pretty simple fix (although you may want to implement it in a more robust way than i did), i just added the following line to LE.pm, to explicitly set the version, right after line 1432: return _free(k => $pk, r => $req) unless Net::SSLeay::X509_REQ_set_version($req, 0); # version 1 i thought you might want to include something like that in a future release. let me know if you have any questions, etc. and thanks for writing the module in the first place!