> From: openssl-users On Behalf Of Ben Humpert > Sent: Sunday, July 05, 2015 07:58 > Take a look in your openssl.cnf and you should see the option "serial" > with a path / file specified. The serial number is taken from that > file. If the file doesn't exists or is empty when the very first > certificate is created then 01 is used as a serial for it. > That's for 'ca', not for 'req -new -x509'. See my answer. <snip details for 'ca' from Ristic> ________________________________ THIS MESSAGE IS CONFIDENTIAL. This e-mail message and any attachments are proprietary and confidential information protected from disclosure and intended only for the use of the recipient(s) named above. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this message or any attachments is strictly prohibited. If you have received this communication in error, please notify CardConnect immediately by replying to this message and then delete this message and any attachments from your computer.