diff options
Diffstat (limited to 'lib/x509/x509_write.c')
-rw-r--r-- | lib/x509/x509_write.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/lib/x509/x509_write.c b/lib/x509/x509_write.c index 5a4c4de327..713a7e73cf 100644 --- a/lib/x509/x509_write.c +++ b/lib/x509/x509_write.c @@ -1204,6 +1204,10 @@ gnutls_x509_crt_set_expiration_time(gnutls_x509_crt_t cert, * with the X.509/PKIX specifications the provided @serial should be * a big-endian positive number (i.e. it's leftmost bit should be zero). * + * The size of the serial is restricted to 20 bytes maximum by RFC5280. + * This function allows writing more than 20 bytes but the generated + * certificates in that case may be rejected by other implementations. + * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a * negative error value. **/ |