That's great news. We have enough lead time that waiting for the new version should be fine.
Thank you, Duane -----Original Message----- From: Massimiliano Pala [mailto:p...@cs.dartmouth.edu] Sent: Monday, February 08, 2010 3:11 PM To: Users' Help and Suggestions Subject: Re: [Openca-Users] Generating random vs. incremental serial numbers from CA Hi, the new version will enable the "random" serial numbers by default. The new feature can be enabled/disabled on the CA by using the following configuration options: USE_RANDOM_SERIAL "Y" RANDOM_SERIAL_SIZE 10 As the new version should be ready very soon, I have not planned to release any patch against the current version :D Later, Max On 02/08/2010 01:53 PM, Dinschel, Duane wrote: > Currently serial number generation for SSL certificates in the CA is > incremental, with the next value persisted in the > var/openca/crypto/serial file. Microsoft has made recent changes to > its trust certification policy that requires this serial number to be > random instead of incremental. Is there any way to do this in the > current version of OpenCA, or any plans to do this in the near future? > If random serial numbers are introduced, the CA would also need to be > able to deal with collisions in the event a serial number was chosen > that was already in use. ------------------------------------------------------------------------------ The Planet: dedicated and managed hosting, cloud storage, colocation Stay online with enterprise data centers and the best network in the business Choose flexible plans and management services without long-term contracts Personal 24x7 support from experience hosting pros just a phone call away. http://p.sf.net/sfu/theplanet-com _______________________________________________ Openca-Users mailing list Openca-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-users
