active directory - X509 Certificate: Identity of DN (Distinguished Names)


I use keytool to create an X.509 certificate with the subject:

cn=alice, ou=demo client, o=mycompany, l=site1, st=wll, c=nz

but after I create the CSR and the entry is signed (I use "openssl ca"), "o" and "l" are reversed:

cn=alice, ou=demo client, l=site1, o=mycompany, st=wll, c=nz

Are both subjects still considered the same, or is the order important?

They may or may not be the same, depending on how the subject distinguished name (DN) is encoded in the CSR and the certificate. A DN is defined as the X.501 type Name. From RFC 5280:

    Name ::= CHOICE { -- one possibility --
      rdnSequence  RDNSequence }

    RDNSequence ::= SEQUENCE OF RelativeDistinguishedName

    RelativeDistinguishedName ::=
      SET SIZE (1..MAX) OF AttributeTypeAndValue

    AttributeTypeAndValue ::= SEQUENCE {
      type     AttributeType,
      value    AttributeValue }

    AttributeType ::= OBJECT IDENTIFIER

    AttributeValue ::= ANY -- DEFINED BY AttributeType

The distinguishedNameMatch rule is defined in RFC 5280 section 7.1 (emphasis mine):

Two naming attributes match if the attribute types are the same and the values of the attributes are an exact match after processing with the string preparation algorithm. Two relative distinguished names RDN1 and RDN2 match if they have the same number of naming attributes and for each naming attribute in RDN1 there is a matching naming attribute in RDN2. Two distinguished names DN1 and DN2 match if they have the same number of RDNs, for each RDN in DN1 there is a matching RDN in DN2, and the matching RDNs appear in the same order in both DNs. A distinguished name DN1 is within the subtree defined by the distinguished name DN2 if DN1 contains at least as many RDNs as DN2, and DN1 and DN2 are a match when the trailing RDNs in DN1 are ignored.

If the organization (o) and location (l) attributes appear in the same relative distinguished name set in the subject DN of both the CSR and the certificate, all else being equal, the DNs are equal. If they are in different RDNs, the order of the RDNs has been changed, making the DNs different.
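A worked comparison following the matching rule quoted above, as an added example that is not part of the original answer. It parses the leaf-first (RFC 2253 style) strings from the question, treats `+` as joining the attributes of one multi-valued RDN, and approximates the string preparation step by case folding and whitespace collapsing (that approximation is an assumption, not the full RFC algorithm):

```python
import re

def _prep(value):
    # Approximation (assumption) of the RFC 5280 7.1 string preparation
    # step: collapse whitespace runs, trim the ends, compare case-insensitively.
    return re.sub(r"\s+", " ", value).strip().casefold()

def parse_dn(dn):
    """Parse a leaf-first string such as 'cn=alice, o=x+l=y, c=nz'.

    Returns the RDNs in ASN.1 RDNSequence order (root first, i.e. the
    reverse of the display order used in the question). Each RDN is a
    frozenset of (type, prepared value) pairs, because an RDN is a SET:
    attribute order inside one RDN carries no meaning.
    Escaped ',' and '+' are not handled; the sample DNs contain none.
    """
    rdns = []
    for rdn in dn.split(","):
        atvs = set()
        for atv in rdn.split("+"):
            attr_type, sep, value = atv.partition("=")
            if not sep or not attr_type.strip():
                raise ValueError(f"malformed attribute: {atv!r}")
            atvs.add((attr_type.strip().casefold(), _prep(value)))
        rdns.append(frozenset(atvs))
    rdns.reverse()
    return rdns

def dn_match(dn1, dn2):
    """distinguishedNameMatch: same number of RDNs, and the matching RDNs
    appear in the same order in both DNs."""
    r1, r2 = parse_dn(dn1), parse_dn(dn2)
    return len(r1) == len(r2) and all(a == b for a, b in zip(r1, r2))

def within_subtree(dn1, dn2):
    """True if dn1 lies in the subtree named by dn2: dn1 has at least as many
    RDNs and matches dn2 once its trailing (leaf-most) RDNs are ignored."""
    r1, r2 = parse_dn(dn1), parse_dn(dn2)
    return len(r1) >= len(r2) and r1[:len(r2)] == r2

# The two subjects from the question.
CSR_SUBJECT = "cn=alice, ou=demo client, o=mycompany, l=site1, st=wll, c=nz"
CERT_SUBJECT = "cn=alice, ou=demo client, l=site1, o=mycompany, st=wll, c=nz"
# Constructed variant in which o and l share one multi-valued RDN.
MULTI_CSR = "cn=alice, ou=demo client, o=mycompany+l=site1, st=wll, c=nz"
MULTI_CERT = "cn=alice, ou=demo client, l=site1+o=mycompany, st=wll, c=nz"

if __name__ == "__main__":
    print(dn_match(CSR_SUBJECT, CERT_SUBJECT))  # False: separate RDNs, order changed
    print(dn_match(MULTI_CSR, MULTI_CERT))      # True: one SET, attribute order irrelevant
```

Note that `openssl ca` reorders or rewrites the subject according to its configured policy, so the comparison to make is between the DNs as actually encoded in the issued certificate and the CSR, not between the strings typed into keytool.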

