When the certificate viewer opens, click on the Details tab; Locate the Serial Number entry and click on it. The serial number will populate in the bottom portion of.
Active4 years ago
Is certificate serial number a unique key for X509 certificate?User selects a certificate, and program stores serial number in preferences. Will the following code return the selected certificate?
UPDATE: I ended up using certificate thumbprint, as suggested by jglouie.
davmos
7,60944 gold badges3232 silver badges4040 bronze badges
isobretatelisobretatel
1,66766 gold badges2121 silver badges3737 bronze badges
4 Answers
No. For example, OpenSSL let's the user set this when they create certificates.
See: http://www.openssl.org/docs/apps/x509.html
-set_serial n specifies the serial number to use. This option can be used with either the -signkey or -CA options. If used in conjunction with the -CA option the serial number file (as specified by the -CAserial or -CAcreateserial options) is not used.
The serial number can be decimal or hex (if preceded by 0x). Negative serial numbers can also be specified but their use is not recommended.
jglouiejglouie
9,39244 gold badges3838 silver badges5757 bronze badges
As mentioned in another answer, the serial number must be unique within the CA. So serial number alone can't be used as a unique ID of the certificate -- certificates from different CAs can have the same serial number. You need to store combination of Issuer and SerialNumber properties. Also, for self-signed certificates and home-made CA software numbers will most likely collide as many people will start numbering from 0.
Eugene Mayevski 'Allied BitsEugene Mayevski 'Allied Bits
40.7k77 gold badges5555 silver badges112112 bronze badges
Yes, according to X.509 specification serial number is unique for specific CA:
4.1.2.2 Serial number
The serial number is an integer assigned by the CA to each certificate. It MUST be unique for each certificate issued by a given CA (i.e., the issuer name and serial number identify a unique certificate).
Oybek
5,03444 gold badges2323 silver badges4545 bronze badges
alexkaskoalexkasko
4,14011 gold badge2020 silver badges2929 bronze badges
Cert Serial Number List
TL;DR: You must use a composite key of issuer name + serial number. If you need a simple key, use certificate's thumbprint.
Quoting @ThomasPornin from security.stackexchange:
In a certificate, the serial number is chosen by the CA which issued the certificate. It is just written in the certificate. The CA can choose the serial number in any way as it sees fit, not necessarily randomly (and it has to fit in 20 bytes). A CA is supposed to choose unique serial numbers, that is, unique for the CA. You cannot count on a serial number being unique worldwide; in the dream world of X.509, it is the pair issuerDN+serial which is unique worldwide (each CA having its own unique distinguished name, and taking care not to reuse serial numbers).
Downhill ski racing games. If you donât see the âAllow onceâ button above, please follow the instructions above or check for a step-by-step explanation.Flash is a multimedia platform used for browser games, videos,and other rich internet applications.Every game on Addicting Games is thoroughly tested and checked for viruses andother threats, following our strict content guidelines.This is why you can be absolutely sure that playing Flash games on Addicting Games iscompletely safe.If you have any questions or concerns, feel free to.
The thumbprint is a hash value computed over the complete certificate, which includes all its fields, including the signature. That one is unique worldwide, for a given certificate, up to the inherent collision resistance of the used hash function. Microsoft software tends to use SHA-1, for which some theoretical weaknesses are known, but no actual collision has been produced (yet).
From: https://security.stackexchange.com/questions/35691/what-is-the-difference-between-serial-number-and-thumbprint
Communityâ¦
DineiDinei
1,63711 gold badge1414 silver badges3838 bronze badges
Not the answer you're looking for? Browse other questions tagged c#x509certificateserial-number or ask your own question.
Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |