cffi throws warnings during the implicit cast from char * to
unsigned char * since the support of these casts is nearing
its end of life.
https://pagure.io/freeipa/issue/7131
Support both openssl 1.0 and 1.1 APIs where sk_* functions got prefixed
with OPENSSL_ in the latter version.
Since referencing a symbol from a dynamically loaded library generates
exception, use the AttributeError exception to catch it and fall back to
the older method.
Fixes https://pagure.io/freeipa/issue/7110
Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>
Also modify cert_request to use this new format. Note, only PEM private
keys are supported for now. NSS databases are not.
https://pagure.io/freeipa/issue/4899
Reviewed-By: Jan Cholasta <jcholast@redhat.com>