How to insert special characters in DN

Hi all

I'm trying to make a CSR for a server using certreq.exe and the subject DN has a comma in it. I have tried "\," , "\2C" and "%2C" in the subject filed of the policy.inf file that I use for making the CSR but whatever I use is exactly showed on the certificate. (It is not treated as a special character)

Also I have the same problem with CAs. When I want to install Certification Authority on Win 2008 R2 and server's DN has a comma, the installation stops and shows an error message about "Invalid DN".

How can I solve these problems?

June 5th, 2012 11:20am

in the INF file under Subject field add another field:

X500NameFlags = 0x40000000

for example:

[NewRequest]
Subject = "CN=www.something.com; O=Contoso Pharmaceuticals, Ltd; C=US"
X500NameFlags = 0x40000000
<other attributes>
and use semicolon as a RDN attribute separator.
Free Windows Admin Tool Kit Click here and download it now
June 5th, 2012 12:14pm

thanks a lot. it worked for certreq.exe

Is there a workaround for Microsoft CA naming too?

June 6th, 2012 4:59am
no, there are no workarounds.
Free Windows Admin Tool Kit Click here and download it now
June 6th, 2012 6:51am
Great answer! For context, those values come from https://msdn.microsoft.com/en-us/library/windows/desktop/aa379394%28v=vs.85%29.aspx
March 26th, 2015 4:01pm
Why bother commenting on a three year old thread??????
Free Windows Admin Tool Kit Click here and download it now
March 26th, 2015 11:38pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics