| Original URL: | https://blogs.msdn.microsoft.com/alejacma/2011/11/07/how-to-add-alternative-directory-name-to-your-certificate-request-c/ |
| Post name: | How to add Alternative Directory Name to your certificate request (C#) |
| Original author: | Alejandro Campos Magencio |
| Posting date: | 2011-11-07T07:01:44+00:00 |
Hi all,
We've already seen How to add Subject Alternative Name to your certificate requests (C#). What if we want to set Alternative Directory Name (XCN_CERT_ALT_NAME_DIRECTORY_NAME) in addition to Subject Alternative Name (XCN_CERT_ALT_NAME_RFC822_NAME)?
The interface we use for the alternative names has different methods that we can use depending on the value we want to set:
IAlternativeName interface
"
You can initialize an IAlternativeName object from an AlternativeNameType enumeration. The following types are available, but they are supported by different initialization methods as indicated.
Value: XCN_CERT_ALT_NAME_RFC822_NAME
Description: The name is an email address.
Initialization method: InitializeFromString
Value: XCN_CERT_ALT_NAME_DIRECTORY_NAME
Description: The name is an X.500 directory name.
Initialization method: InitializeFromRawData
"
The C# code to set both Subject Alternative Name and Alternative Directory Name should look like this then:
string strRfc822Name = "myuser@mydomain.com";
string strDirectoryName = "CN=myuser";
...
CAlternativeName objRfc822Name = new CAlternativeName();
CX500DistinguishedName objX500 = new CX500DistinguishedName();
string strDirectory = null;
CAlternativeName objDirectoryName = new CAlternativeName();
CAlternativeNames objAlternativeNames = new CAlternativeNames();
CX509ExtensionAlternativeNames objExtensionAlternativeNames = new CX509ExtensionAlternativeNames();
...
// Set Alternative RFC822 Name
objRfc822Name.InitializeFromString(AlternativeNameType.XCN_CERT_ALT_NAME_RFC822_NAME, strRfc822Name);
// Set Alternative Directory Name
objX500.Encode(strDirectoryName, X500NameFlags.XCN_CERT_NAME_STR_FORCE_UTF8_DIR_STR_FLAG);
strDirectory = objX500.get_EncodedName(EncodingType.XCN_CRYPT_STRING_BINARY);
objDirectoryName.InitializeFromRawData(AlternativeNameType.XCN_CERT_ALT_NAME_DIRECTORY_NAME, EncodingType.XCN_CRYPT_STRING_BINARY, strDirectory);
// Set Alternative Names
objAlternativeNames.Add(objRfc822Name);
objAlternativeNames.Add(objDirectoryName);
objExtensionAlternativeNames.InitializeEncode(objAlternativeNames);
objPkcs10.X509Extensions.Add((CX509Extension)objExtensionAlternativeNames);
I hope this helps.
Regards,
Alex (Alejandro Campos Magencio)
Comments: