NOTE distinguished name representation in jsrsasign

TOP | Wiki | DOWNLOADS | TUTORIALS | API REFERENCE | Online Tool | DEMO | NODE TOOL

---

The 'jsrsasign' uses "OpenSSL oneline" format (ex. /C=US/O=Test) for X.500 directory name string representation which is used in subject or issuer name of certificate or server name of OCSP or TSA.

There are two major representation for it:

• standard form(LDAP, RFC 1779, 2253 or 4514)

• ex. CN=example.com,O=TEST,C=US

• RDN(relative distinguished name) is separated by ','

• RDNs are shown in reverse order.

• OpenSSL oneline form

• ex. /C=US/O=TEST/CN=example.com

• RDN(relative distinguished name) is separated by '/'

• RDNs are shown in non-reverse order.

• Used by OpenSSL and OpenSSL based web servers like Apache, nginx.

Currently there is no converter between 'oneline' and 'standard' form however it will be provided near in the future.

REFERENCES

• Java example source code file (X500Name.java)
• OpenSSL X509 command manual;
• stackoverflow: Why does Nginx Provide the Client SSL DN in reverse order?
• LShift: What's in a Distinguished Name?
• IETF RFC 2253 Lightweight Directory Access Protocol (v3): UTF-8 String Representation of Distinguished Names