Skip to content

Recommended CA settings for Serial Number of issued X.509 certificates #656

Answered by primetomas
Jinat-Rehana asked this question in Q&A
Discussion options

You must be logged in to vote

Sure you can increase it to more than 8. What is recommended really depend on your policy and use case. For some use cases (IoT) small serial numbers are used. But for most enterprise use cases 12-20 bytes is the "normal". 20 is the max. For a new internal Enterprise CA, I would use the default, as set for new CAs in EJBCA, which I believe is 20.

Replies: 1 comment 3 replies

Comment options

You must be logged in to vote
3 replies
@Jinat-Rehana
Comment options

@primetomas
Comment options

Answer selected by Jinat-Rehana
@Jinat-Rehana
Comment options

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
Q&A
Labels
None yet
2 participants