Hello, We've generated our own CA for self-signing certificates. The issue is that we package up the openssl install for installation on multiple servers. Therefore, the root CA we create is part of the package as well.
The problem is that since the CA cert will have the same serial number across all servers, any certificates issued from that CA, on different servers, end up having the same serial number. This causes browser issues for obvious reasons. Is there any way to control the incrementing of the serial number from the root CA so that it is completely random, instead of incrementing by 1, which it now defaults to? That way we can have the same root CA installed on multiple machines and not run the chance of generating identical serial numbers for certificates. Thanks in advance -- View this message in context: http://openssl.6102.n7.nabble.com/Increment-certificate-serial-numbers-randomly-tp49712.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
