Work around changes in OpenSSL 1.0.2a
The newer OpenSSL apparently leaves the certificate version number field
empty when we try to set the default value (v1). Some of our self-tests
expect that the same operation (in this case, generating the minicert
that we use for SCEP) will produce bit-for-bit identical values from
both OpenSSL and NSS, so this change breaks that test. Work around it
by manually setting the field rather than using X509_set_version().