All generated certificates are being given the same serial number, which is going to prevent us from being able to use revocation lists in the future.
Fixed a while ago.