diff --git a/.gitignore b/.gitignore
index a7e130a3450fda918e0ba8fc05caaf3cd2745eb8..e2a00dbd5635daf4d539aad9ed517de7179d3a4e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,4 +8,5 @@ openssl.cnf
 CA.key
 CA.crt
 CA.p12
+CA.srl
 .server.pid
diff --git a/Makefile b/Makefile
index dcd100ee9e649f313eca8e0d652285c6e47bebeb..8cfbe582d9d74be3bbb648b978b550ccfea8c181 100644
--- a/Makefile
+++ b/Makefile
@@ -5,7 +5,7 @@ install:
 	chmod 755 /usr/local/bin/ssl-ca
 
 clean:
-	rm -rf openssl.cnf certs keys CA.key CA.crt CA.p12 .server.pid
+	rm -rf openssl.cnf certs keys CA.key CA.crt CA.p12 CA.srl .server.pid
 
 test: clean
 	./ssl-ca init
diff --git a/ssl-ca b/ssl-ca
index 62d8d12c370b2533a33c9d020298cdcd8837126a..f8f08e408b9b7ad3cf3f86a83c5878b01e09aa22 100755
--- a/ssl-ca
+++ b/ssl-ca
@@ -15,6 +15,7 @@ default_md = sha256
 email_in_dn = no
 RANDFILE = /dev/urandom
 database = /dev/null
+serial = serial
 
 [ req ]
 distinguished_name = req_distinguished_name
@@ -58,6 +59,12 @@ init () {
     else
         echo "$config" > "openssl.cnf"
     fi
+    if [ -e CA.srl ]
+    then
+        echo CA.srl already exists, skipping.
+    else
+        echo 1000 > CA.srl
+    fi
     if [ -e CA.key ]
     then
         echo CA.key already exists, skipping.
@@ -120,7 +127,7 @@ sign_key () {
         -in "$csr" \
         -out "certs/$1" \
         -CA CA.crt \
-        -set_serial $seed \
+        -CAserial CA.srl \
         -extensions v3_req \
         -extfile openssl.cnf \
         -days 3650 \