[openssl-users] More on cert serialnumbers

Robert Moskowitz rgm at htt-consult.com
Thu Aug 17 15:10:00 UTC 2017

On 08/17/2017 10:50 AM, Salz, Rich via openssl-users wrote:
> And RFC 5280, which is still the standard, says serial# must be <= 20 bytes.  Which means, you want to make sure the high bit is off, else the DER encoding will make it 21 bytes.
> So the new –rand_serial flag I am adding to the CA command will make call RAND_bytes to get 18 bytes.
> On 8/17/17, 10:45 AM, "Salz, Rich via openssl-users" <openssl-users at openssl.org> wrote:
>      https://cabforum.org/2016/07/08/ballot-164/

“Effective September 30, 2016, CAs SHALL generate Certificate serial 
numbers greater than zero (0) containing at least 64 bits of output from 

What does "64 bits of output from a CSPRNG" mean here?  A 4 octet serial 
number is OK?  Or 2^64 bit serial number represented in HEX (how long is 

For now I will use:

openssl rand -hex 18 > serial

My reading on 'openssl rand' SEEMS to indicate it is cryptographically 
strong (provided you have entropy.  See:  cat 

For constrained IoT, I would like to use the smallest possible. Thus the 
clarifying the 64bit question above.



More information about the openssl-users mailing list