> From: owner-openssl-us...@openssl.org On Behalf Of Pascal Delaunay > Sent: Thursday, 23 September, 2010 12:00
> The "database" file (an option in your openssl.conf) handles that perfectly. If you use 'ca'; or as Patrick Patterson said, the scripts which do so. Not 'x509 -req [-CAserial file]'; that stores only the (last-used) number. > 2010/9/22 Andy GOKTAS <andy.gok...@state.or.us> > So using the "-CAserial serial.srl" might be a good idea to avoid this. > Now this leads me to the next question: > - Besides manually documenting a cross-reference for each certificate > that I sign to a serial number, is there any way to have this scripted > and for an appending log to the serial.srl file that's updated each time > it's used? In short, a list of cert name (=CN perhaps) and serial number > associated with it. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org