Author Topic: Certificate Serial Number Decrement (Read 4732 times)

NOYB · « **on:** January 05, 2018, 02:06:23 am »

System: Trust: Authorities: Add/Edit
(https://opnsense.office/system_camanager.php?act=edit&id=0)

The "Serial for next certificate" value decrements with each save.
full help: "Enter a decimal number to be used as the serial number for the next certificate to be created using this CA."

Should this value really be decremented by saving? Doesn't seem like it should. Maybe I'm not understanding the use case.

franco · « **Reply #1 on:** January 05, 2018, 08:49:32 am »

Nice catch, it should not. Looks like a regression while fixing https://github.com/opnsense/core/issues/1581

I'll add a test to skip decrement if the value stays the same.

Cheers,
Franco

franco · « **Reply #2 on:** January 05, 2018, 09:01:14 am »

This ok? I'm not entirely sure.

https://github.com/opnsense/core/commit/945b866

NOYB · « **Reply #3 on:** January 05, 2018, 11:01:33 am »

Not entirely sure myself either. But at least now simply saving the CA doesn't change the serial number for the next certificate. Halfway guessing that's the expected behavior.

franco · « **Reply #4 on:** January 05, 2018, 11:07:44 am »

Looks good after creating and updating several CAs. I was worried about newly created CAs... though now its out + 1, in - 1 to be consistent. Just a weird way of displaying the data to fix the user-based interpretation of the value. Thanks for spotting this. Will go to 17.7.12 as well.

Author Topic: Certificate Serial Number Decrement (Read 4732 times)

NOYB

Certificate Serial Number Decrement

franco

Re: Certificate Serial Number Decrement

franco

Re: Certificate Serial Number Decrement

NOYB

Re: Certificate Serial Number Decrement

franco

Re: Certificate Serial Number Decrement