[openssl-users] Personal CA: are cert serial numbers critical?

Tom Browder tom.browder at gmail.com
Wed Aug 16 14:32:16 UTC 2017


On Wed, Aug 16, 2017 at 08:36 Salz, Rich via openssl-users <
openssl-users at openssl.org> wrote:

> ➢ So, in summary, do I need to ensure cert serial numbers are unique for
> my CA?
>
> Why would you not?  The specifications require it, but those
> specifications are for interoperability. If nobody is ever going to see
> your certs, then who cares what’s in them?


Well, I do like to abide by specs, and they will be used in various
browsers, so I think I will continue the unique serial numbering.

Thanks, Rich.

Best regards,

-Tom
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170816/89454947/attachment.html>


More information about the openssl-users mailing list