[Openswan Users] Generating X 509 certificate problem on Debian Sarge OpenSwan 2.1.3-1

Paul Wouters paul at xelerance.com
Wed Oct 13 17:52:19 CEST 2004

On Mon, 11 Oct 2004 trevor-os at thennion.demon.co.uk wrote:

>> touch index.txt
>> echo "01" > serial
>> mkdir newcerts

> Your 'recipe' has a severe limitations!
> The lines:
> touch indes.txt
> echo "01" > serial
> seem to suggest that it is only intended to create one certificate.
> Even with only one system this becomes a problem if you have to re-issue the
> certificate before it expires.

AFAIK, this is just setting the serial number to 01. It will be increased
when a certificate is generated. It does not limit the number of certificates
you can generate. I use similar code for our wavesec-for-windows code.

 	"Non cogitamus, ergo nihil sumus"

More information about the Users mailing list