diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2004-04-20 12:05:26 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2004-04-20 12:05:26 +0000 |
commit | 64674bcc8cee73853d00388a5e83cb1b2f38bec1 (patch) | |
tree | 55da245985e07e8e1c75bf1ae8569012a63cb014 /apps/CA.pl.in | |
parent | 1dc2d655addc773d6d91ee17a52c14a11d1cb8e1 (diff) |
Reduce chances of issuer and serial number duplication by use of random
initial serial numbers.
PR: 842
Diffstat (limited to 'apps/CA.pl.in')
-rw-r--r-- | apps/CA.pl.in | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/apps/CA.pl.in b/apps/CA.pl.in index 2242f7e03b..b09820755d 100644 --- a/apps/CA.pl.in +++ b/apps/CA.pl.in @@ -84,9 +84,6 @@ foreach (@ARGV) { mkdir "${CATOP}/crl", $DIRMODE ; mkdir "${CATOP}/newcerts", $DIRMODE; mkdir "${CATOP}/private", $DIRMODE; - open OUT, ">${CATOP}/serial"; - print OUT "01\n"; - close OUT; open OUT, ">${CATOP}/index.txt"; close OUT; } @@ -105,7 +102,8 @@ foreach (@ARGV) { print "Making CA certificate ...\n"; system ("$REQ -new -keyout " . "${CATOP}/private/$CAKEY -out ${CATOP}/$CAREQ"); - system ("$CA -out ${CATOP}/$CACERT $CADAYS -batch " . + system ("$CA -create_serial " . + "-out ${CATOP}/$CACERT $CADAYS -batch " . "-keyfile ${CATOP}/private/$CAKEY -selfsign " . "-infiles ${CATOP}/$CAREQ "); $RET=$?; |