From 2bc8cf4583f838a45426a7246e7210404e82b84b Mon Sep 17 00:00:00 2001
From: Jeff Mitchell <jeffrey.mitchell@gmail.com>
Date: Wed, 23 Mar 2016 10:05:38 -0400
Subject: [PATCH] Remove check for using CSR values with non-CA certificate.

The endpoint enforces whether the certificate is a CA or not anyways, so
this ends up not actually providing benefit and causing a bug.

Fixes #1250
---
 builtin/logical/pki/cert_util.go | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/builtin/logical/pki/cert_util.go b/builtin/logical/pki/cert_util.go
index 453cdfdb9e..f35edc2cbb 100644
--- a/builtin/logical/pki/cert_util.go
+++ b/builtin/logical/pki/cert_util.go
@@ -512,10 +512,6 @@ func signCert(b *backend,
 		return nil, err
 	}
 
-	if useCSRValues && !isCA {
-		return nil, certutil.UserError{Err: "cannot use CSR values with a non-CA certificate"}
-	}
-
 	creationBundle.IsCA = isCA
 	creationBundle.UseCSRValues = useCSRValues