The attached patch causes serial numbers to default to the current time, significantly reducing the chance of duplicate serial numbers from a given issuer. I have filed the necessary TSA notification.
Mozilla gets a constant stream of problem reports caused by OpenSSL-generated certs with duplicate serial numbers. We would much appreciate you could fix this non-standards-conforming behavior, preferably by integrating this patch. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]