In message <[EMAIL PROTECTED]> on Mon, 2 Sep 2002 15:01:28 +0200, "Dr.
Stephen Henson" <[EMAIL PROTECTED]> said:
steve> That is the problem. You should not create 00 in the serial
steve> file because the serial number 00 is used by default for the
steve> root CA. You should instead use 01. This is mentioned in the
steve> EXAMPLES section of the ca manual page and CA.pl does this.
steve>
steve> OpenSSL shouldn't corrupt index.txt though even if serial is 00.
A way to solve this is to have load_serial() in ca.c check if the
loaded serial number is 0, and set it to 1 in such a case. What would
the implications be?
--
Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
\ SWEDEN \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
