Can create a cert with no serial number?

Viktor Dukhovni openssl-users at
Thu Jun 1 03:13:05 UTC 2023

On Wed, May 31, 2023 at 11:05:14PM -0400, Robert Moskowitz wrote:

> So here there is a real risk of serial number duplication, but the 
> subjectKey will be different.  That is what I am pinning uniqueness on.  

If you intend to be able to publish CRLs, then the serial numbers must
be unique.

CRLs list just the serial numbers of revoked certificates.


More information about the openssl-users mailing list