Hi all,
We've already seen How to add Subject Alternative Name to your certificate requests (C#). What if we want to set Alternative Directory Name (XCN_CERT_ALT_NAME_DIRECTORY_NAME) in addition to Subject Alternative Name (XCN_CERT_ALT_NAME_RFC822_NAME)?
The interface we use for the alternative names has different methods that we can use depending on the value we want to set:
IAlternativeName interface
"You can initialize an IAlternativeName object from an AlternativeNameType enumeration. The following types are available, but they are supported by different initialization methods as indicated.

Value: XCN_CERT_ALT_NAME_RFC822_NAME
Description: The name is an email address.
Initialization method: InitializeFromString

Value: XCN_CERT_ALT_NAME_DIRECTORY_NAME
Description: The name is an X.500 directory name.
Initialization method: InitializeFromRawData"
The C# code to set both Subject Alternative Name and Alternative Directory Name then looks like this:
string strRfc822Name = "myuser@mydomain.com";
string strDirectoryName = "CN=myuser";
...
CAlternativeName objRfc822Name = new CAlternativeName();
CX500DistinguishedName objX500 = new CX500DistinguishedName();
string strDirectory = null;
CAlternativeName objDirectoryName = new CAlternativeName();
CAlternativeNames objAlternativeNames = new CAlternativeNames();
CX509ExtensionAlternativeNames objExtensionAlternativeNames = new CX509ExtensionAlternativeNames();
...
// Set Alternative RFC822 Name
objRfc822Name.InitializeFromString(AlternativeNameType.XCN_CERT_ALT_NAME_RFC822_NAME, strRfc822Name);
// Set Alternative Directory Name
objX500.Encode(strDirectoryName, X500NameFlags.XCN_CERT_NAME_STR_FORCE_UTF8_DIR_STR_FLAG);
strDirectory = objX500.get_EncodedName(EncodingType.XCN_CRYPT_STRING_BINARY);
objDirectoryName.InitializeFromRawData(AlternativeNameType.XCN_CERT_ALT_NAME_DIRECTORY_NAME, EncodingType.XCN_CRYPT_STRING_BINARY, strDirectory);
// Set Alternative Names
objAlternativeNames.Add(objRfc822Name);
objAlternativeNames.Add(objDirectoryName);
objExtensionAlternativeNames.InitializeEncode(objAlternativeNames);
objPkcs10.X509Extensions.Add((CX509Extension)objExtensionAlternativeNames);
I hope this helps.
Regards,
Alex (Alejandro Campos Magencio)
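
To check that a request really carries both names, the following added example (not code from the original post) decodes a SubjectAltName extension value (OID 2.5.29.17) and lists its entries. In RFC 5280 an rfc822Name is a plain IA5String while a directoryName wraps a complete DER-encoded Name, which lines up with the string versus raw-data initialization methods quoted above. It assumes .NET 5 or later for System.Formats.Asn1; `SanInspector` and `Describe` are hypothetical names, and the sample value is constructed from the two names used in the post.

```csharp
using System;
using System.Collections.Generic;
using System.Formats.Asn1;
using System.Security.Cryptography.X509Certificates;

public static class SanInspector   // hypothetical helper, not part of CertEnroll
{
    static readonly Asn1Tag Rfc822 = new Asn1Tag(TagClass.ContextSpecific, 1);
    static readonly Asn1Tag DirName = new Asn1Tag(TagClass.ContextSpecific, 4);
    // Decode GeneralNames ::= SEQUENCE OF GeneralName (RFC 5280, section 4.2.1.6).
    public static List<string> Describe(byte[] sanValue)
    {
        var names = new List<string>();
        var outer = new AsnReader(sanValue, AsnEncodingRules.DER);
        AsnReader seq = outer.ReadSequence();
        outer.ThrowIfNotEmpty();
        while (seq.HasData)
        {
            Asn1Tag tag = seq.PeekTag();
            if (tag.HasSameClassAndValue(Rfc822))
            {   // rfc822Name [1] IA5String: the value is plain text.
                names.Add("rfc822Name: " + seq.ReadCharacterString(UniversalTagNumber.IA5String, Rfc822));
            }
            else if (tag.HasSameClassAndValue(DirName))
            {   // directoryName [4] is EXPLICIT: it wraps a complete DER-encoded Name.
                AsnReader wrapper = seq.ReadSequence(DirName);
                names.Add("directoryName: " + new X500DistinguishedName(wrapper.ReadEncodedValue().ToArray()).Name);
                wrapper.ThrowIfNotEmpty();
            }
            else
            {   // Report any other name type instead of silently ignoring it.
                seq.ReadEncodedValue();
                names.Add("other name type, tag " + tag.TagValue);
            }
        }
        return names;
    }

    public static void Main()
    {
        // Constructed sample: the two names from the post, encoded as a SAN value.
        var w = new AsnWriter(AsnEncodingRules.DER);
        using (w.PushSequence())
        {
            w.WriteCharacterString(UniversalTagNumber.IA5String, "myuser@mydomain.com", Rfc822);
            using (w.PushSequence(DirName)) w.WriteEncodedValue(new X500DistinguishedName("CN=myuser").RawData);
        }
        foreach (string n in Describe(w.Encode())) Console.WriteLine(n);
    }
}
```

On a real request, pass `Describe` the raw value of the 2.5.29.17 extension; anything reported as another name type is an entry the requester added beyond the two shown here.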