a24dd0a2ee
the rsa signature has to be over hash oid + message digest, dropping the oid from the hash leads to invalid certificate requests and selfsigned certificates. fixes #164