[openssl-users] Personal CA: are cert serial numbers critical?
Tom Browder
tom.browder at gmail.com
Wed Aug 16 14:23:05 UTC 2017
On Wed, Aug 16, 2017 at 08:32 Michael Ströder <michael at stroeder.com> wrote:
> Tom Browder wrote:
...
> > So, in summary, do I need to ensure cert serial numbers are unique for my
> > CA?
>
> Yes, serial numbers should be unique per issuer-DN because the 2-tuple
> (issuer-DN, cert serial no.) is expected to be unique in several protocols.
Okay, that's good enough reason for me,
Thanks, Michael.
Cheers!
-Tom
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170816/7dbcc085/attachment.html>
More information about the openssl-users
mailing list