It appears that Windows Server 2003 Certificate Services supports sequential certificate serial numbers. This was an undocumented feature that could be turned on using the certutil command or modifying the CA registry. The certutil command line is: certutil –setreg ca \HighSerial “nn” where ’nn’ is a two digit hex number where at least one of the digits is an alpha character.
We are standing up OCSP and the ramdon serial numbers are causing difficulty in setting up the OCSP responder. Is this configuration supported on 2008 R2? Can the same certutil command be used?