Re: Personal CA: are cert serial numbers critical?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Tom Browder wrote:
> I plan to tidy my automation before the issue of new certs, but I wonder
> how critical it is to ensure unique certificate serial numbers given that
> the certs are only used for us.  I'm not even sure I'll ever revoke any
> cert (they were issued to expire sometime in 2030).
> 
> So, in summary, do I need to ensure cert serial numbers are unique for my
> CA?

Yes, serial numbers should be unique per issuer-DN because the 2-tuple
(issuer-DN, cert serial no.) is expected to be unique in several protocols.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux