Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
Description
Serial numbers on certificates should be unique. CertificateUtils currently uses System.currentTimeMillis() to generate them.
Proposed solution:
1. Use the current time in millis as the most significant part of the serial number
2. Shift it left 32 bits to make room in the BigInteger for an incrementor value
3. Add the incrementor value to the BigInteger
4. Reset the incrementor every time a the generator function is called and the millisecond is different from before
Attachments
Issue Links
- links to