fix up serial generation

src/install-authority.ts

@@ -76,7 +76,10 @@ async function addToLinuxTrustStores (commonName: string, rootCertPath: string):
 // even try it - we just bail out to the GUI.
 async function addToWindowsTrustStores (rootCertPath: string): Promise<void> {
  // IE, Chrome, system utils
- execSync(`certutil -addstore -user root ${rootCertPath}`);
+ try {
+ execSync(`certutil -addstore -user root ${rootCertPath}`);
+ }
+ catch (e) {}
  // Firefox (don't even try NSS certutil, no easy install for Windows)
  await openCertificateInFirefox(rootCertPath, 'start firefox');
 }
@@ -142,4 +145,4 @@ function lookupOrInstallCertutil (): string | void {
  execSync('sudo apt install libnss3-tools');
  return execSync('which certutil').toString().trim();
  }
-}
+}

src/openssl.ts

@@ -56,7 +56,6 @@ function normalizeLinebreaks (str) {
  return str.replace(newline, linebreak);
 }
 
-
 const opensslConfTemplate = ({ commonName, databasePath, serialPath }: OpensslTemplateOpts) => `[ ca ]
 # \`man ca\`
 default_ca = CA_default
@@ -126,7 +125,7 @@ export function generateOpensslConf (commonName: string) {
  const opensslConf = opensslConfTemplate({ commonName, databasePath, serialPath });
  fs.writeFileSync(opensslConfPath, normalizeLinebreaks(opensslConf));
  fs.writeFileSync(databasePath, '');
- fs.writeFileSync(serialPath, '01');
+ fs.writeFileSync(serialPath, Math.round(Math.random() * 16 ** 10).toString(16));
  return opensslConfPath;
 }