If the root is going to be trusted, make its serial number be one. ☺ Otherwise use eight bytes of random as the serial number, if you follow CABF guidelines.
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
