From 61be8c698734950611a123609dd6fe795f17873e Mon Sep 17 00:00:00 2001
From: Rafael Guterres Jeffman <rjeffman@redhat.com>
Date: Tue, 19 Oct 2021 16:32:37 -0300
Subject: [PATCH 01/12] Fix parser fail on certificate verification.

Due to a change in Python's cryptography version 35.0.0 certificate
parser, and a difference in the ASN.1 certificate spec interpretation,
the certificates generated by certmonger fail to be validated.

This patch forces the version for the 'cryptography' package installed
to ignore the affected version, and should allow the tests for this
role to be executed.

certmonger already has a fix for the issue, but it might not be
available for every release supported by certificate role.
---
 tests/tasks/assert_certificate_parameters.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/tests/tasks/assert_certificate_parameters.yml b/tests/tasks/assert_certificate_parameters.yml
index 19c3843..e042f83 100644
--- a/tests/tasks/assert_certificate_parameters.yml
+++ b/tests/tasks/assert_certificate_parameters.yml
@@ -17,7 +17,9 @@
 
 - name: Install certreader
   pip:
-    name: certreader>=0.1.1
+    name:
+      - cryptography<35
+      - certreader>=0.1.1
     virtualenv: "{{ __virtualenv_path }}"
     virtualenv_command: /usr/bin/python3 -m venv
 
-- 
2.34.1