On Fri, Mar 09, 2001 at 02:57:18PM +0100, [EMAIL PROTECTED] wrote:
> --- x509.pod 2001/01/10 14:35:20 1.11
> +++ x509.pod 2001/03/09 13:57:14 1.12
> @@ -36,6 +36,7 @@
> [B<-addreject arg>]
> [B<-setalias arg>]
> [B<-days arg>]
> +[B<-set_serial n>]
> [B<-signkey filename>]
> [B<-x509toreq>]
> [B<-req>]
> @@ -292,6 +293,16 @@
>
> by default a certificate is expected on input. With this option a
> certificate request is expected instead.
> +
> +=item B<-set_serial n>
> +
> +specifies the serial number to use. This option can be used with either
> +the B<-signkey> or B<-CA> options. If used in conjunction with the B<-CA>
> +option the serial number file (as specified by the B<-CAserial> or
> +B<-CAcreateserial> options) is not used.
> +
> +The serial number can be decimal or hex (if preceded by B<0x>). Negative
> +serial numbers can also be specified but their use is not recommended.
>
> =item B<-CA filename>
Also 'openssl x509' cannot read negative serial numbers from its serial
number file. ('make test' used to fail in 0.9.7-dev because
the serial number could spontaneously turn negative when it
was written back; you had to run the test twice to see this error
because the first time the serial number has yet to be created.)
--
Bodo Möller <[EMAIL PROTECTED]>
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
