Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

duplicate Serials after Upgrade 2.1.0 #56

Closed
funked00 opened this issue Aug 16, 2018 · 3 comments
Closed

duplicate Serials after Upgrade 2.1.0 #56

funked00 opened this issue Aug 16, 2018 · 3 comments

Comments

@funked00
Copy link

Hi,

after opening my V 1.3.1 DB with version 2.10 the DB was converted. When signing the first CSR there was an error mesage: "Failed to retrieve unique random serial". In the next try there was no error message and the certificate was generated. But with a serial already in the database.

Best regards,
Daniel
@chris2511
Copy link
Owner

Did the certificates with identical serials have the same issuer?
It is only necessary for certificates issued by the same issuer to have unique serials.

The issue is caused by to narrow random serials (8 bit). It should be 64 bit.

@funked00
Copy link
Author

Yes, the new certificate was signed by the same issuer. The serial was a two digit hex. I noticed the problem because this serial was on the crl already.

@chris2511
Copy link
Owner

Is the Serial also listed in the "CA -> Manage revocations" context menu of the CA?
Because serials on the CRL are also checked and refused when generating a new random serial.
But therefore they must be known by XCA.
I checked this functionality right know and seems to work.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@chris2511 @funked00