[openssl-users] Personal CA: are cert serial numbers critical?

Tom Browder tom.browder at gmail.com
Wed Aug 16 14:23:05 UTC 2017

On Wed, Aug 16, 2017 at 08:32 Michael Ströder <michael at stroeder.com> wrote:

> Tom Browder wrote:


> > So, in summary, do I need to ensure cert serial numbers are unique for my
> > CA?
> Yes, serial numbers should be unique per issuer-DN because the 2-tuple
> (issuer-DN, cert serial no.) is expected to be unique in several protocols.

Okay, that's good enough reason for me,

Thanks, Michael.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170816/7dbcc085/attachment.html>

More information about the openssl-users mailing list