From 639efaeb7ba590ba056c60fdcccb7c0a5b77e69a Mon Sep 17 00:00:00 2001
From: chrismarget <chrismarget@users.noreply.github.com>
Date: Wed, 11 May 2016 12:01:53 -0400
Subject: [PATCH] Randomize serial numbers of DVSNI challenge certificates.

---
 acme/acme/crypto_util.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/acme/acme/crypto_util.py b/acme/acme/crypto_util.py
index 73f7f8f62..e121b1ac3 100644
--- a/acme/acme/crypto_util.py
+++ b/acme/acme/crypto_util.py
@@ -203,7 +203,7 @@ def gen_ss_cert(key, domains, not_before=None,
     """
     assert domains, "Must provide one or more hostnames for the cert."
     cert = OpenSSL.crypto.X509()
-    cert.set_serial_number(1337)
+    cert.set_serial_number(int(OpenSSL.rand.bytes(16).encode("hex"), 16))
     cert.set_version(2)
 
     extensions = [