Bryan Rosander created NIFI-2621: ------------------------------------ Summary: NiFi CertificateUtils can reuse serial numbers in issued certificates if multiple calls are made in the same millisecond Key: NIFI-2621 URL: https://issues.apache.org/jira/browse/NIFI-2621 Project: Apache NiFi Issue Type: Bug Reporter: Bryan Rosander Assignee: Bryan Rosander
Serial numbers on certificates should be unique. CertificateUtils currently uses System.currentTimeMillis() to generate them. Proposed solution: 1. Use the current time in millis as the most significant part of the serial number 2. Shift it left 32 bits to make room in the BigInteger for an incrementor value 3. Reset the incrementor every time a the generator function is called and the millisecond is different from before -- This message was sent by Atlassian JIRA (v6.3.4#6332)