[gnutls-help] certtool: Serial number only 31 bit?

Nikos Mavrogiannopoulos nmav at gnutls.org
Thu May 15 13:49:14 CEST 2014

On Thu, May 15, 2014 at 12:08 PM, Josef Wolf <jw at raven.inka.de> wrote:
> Hello,
> I am currently trying to use UUIDs (as Bignum) for the serial number of
> certificates. AFAIK, the RFC 5280 allows up to 20 octets. But I have a hard
> time to specify more than 31 bits in the template file.
> With a prefix of 0x (indicating hex number), I get serial number 0. Ough!
> Given as a decimal number, the number is truncated to 0x7fffffff.
> Is this a limitation in certtool or am I missing something?

It was a limitation. Support for up to 63-bit serial numbers was added in 3.3.0.


More information about the Gnutls-help mailing list