Hi all,
We've already seen How to add Subject Alternative Name to your certificate requests (C#). What if we want to set Alternative Directory Name (XCN_CERT_ALT_NAME_DIRECTORY_NAME) in addition to Subject Alternative Name (XCN_CERT_ALT_NAME_RFC822_NAME)?
The interface we use for the alternative names has different methods that we can use depending on the value we want to set:
IAlternativeName interface
"You can initialize an IAlternativeName object from an AlternativeNameType enumeration. The following types are available, but they are supported by different initialization methods as indicated.

Value: XCN_CERT_ALT_NAME_RFC822_NAME
Description: The name is an email address.
Initialization method: InitializeFromString

Value: XCN_CERT_ALT_NAME_DIRECTORY_NAME
Description: The name is an X.500 directory name.
Initialization method: InitializeFromRawData"
The C# code to set both Subject Alternative Name and Alternative Directory Name should look like this then:
string strRfc822Name = "myuser@mydomain.com";
string strDirectoryName = "CN=myuser";
...
CAlternativeName objRfc822Name = new CAlternativeName();
CX500DistinguishedName objX500 = new CX500DistinguishedName();
string strDirectory = null;
CAlternativeName objDirectoryName = new CAlternativeName();
CAlternativeNames objAlternativeNames = new CAlternativeNames();
CX509ExtensionAlternativeNames objExtensionAlternativeNames = new CX509ExtensionAlternativeNames();
...
// Set Alternative RFC822 Name
objRfc822Name.InitializeFromString(AlternativeNameType.XCN_CERT_ALT_NAME_RFC822_NAME, strRfc822Name);

// Set Alternative Directory Name
objX500.Encode(strDirectoryName, X500NameFlags.XCN_CERT_NAME_STR_FORCE_UTF8_DIR_STR_FLAG);
strDirectory = objX500.get_EncodedName(EncodingType.XCN_CRYPT_STRING_BINARY);
objDirectoryName.InitializeFromRawData(AlternativeNameType.XCN_CERT_ALT_NAME_DIRECTORY_NAME, EncodingType.XCN_CRYPT_STRING_BINARY, strDirectory);

// Set Alternative Names
objAlternativeNames.Add(objRfc822Name);
objAlternativeNames.Add(objDirectoryName);
objExtensionAlternativeNames.InitializeEncode(objAlternativeNames);
objPkcs10.X509Extensions.Add((CX509Extension)objExtensionAlternativeNames);
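The two initialization methods differ because of how each name sits inside the extension: an rfc822Name is plain text, while a directoryName wraps a complete DER-encoded X.500 Name. The Python sketch below is an added example, not part of the original post or of CertEnroll; it builds and parses such an extension value for the post's sample names, its function names are illustrative, and it assumes the CN is written as a UTF8String, as the FORCE_UTF8 flag in the code above requests.

```python
# Added example (not from the original post): hand-rolled DER for a
# SubjectAltName value holding an rfc822Name and a directoryName (RFC 5280).
OID_CN = bytes([0x55, 0x04, 0x03])  # 2.5.4.3 commonName

def tlv(tag, value):
    n = len(value)  # DER length: short form, or long form up to 65535
    head = bytes([n]) if n < 0x80 else bytes([0x81, n]) if n < 0x100 else b"\x82" + n.to_bytes(2, "big")
    return bytes([tag]) + head + value

def read_tlv(buf, pos):
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        if n == 0 or n > 2 or pos + n > len(buf):
            raise ValueError("unsupported length form")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated value")
    return tag, buf[pos:pos + length], pos + length

def encode_san(email, cn):
    # Name ::= SEQUENCE OF SET OF SEQUENCE { OID, value }; CN as UTF8String (0x0C)
    name = tlv(0x30, tlv(0x31, tlv(0x30, tlv(0x06, OID_CN) + tlv(0x0C, cn.encode("utf-8")))))
    rfc822 = tlv(0x81, email.encode("ascii"))  # [1] IMPLICIT IA5String: plain text
    directory = tlv(0xA4, name)                # [4] EXPLICIT Name: nested DER
    return tlv(0x30, rfc822 + directory)       # GeneralNames ::= SEQUENCE OF GeneralName

def decode_name(der):
    _, rdns, _ = read_tlv(der, 0)
    parts, pos = [], 0
    while pos < len(rdns):
        _, rdn, pos = read_tlv(rdns, pos)   # one RDN (SET)
        _, atv, _ = read_tlv(rdn, 0)        # first AttributeTypeAndValue only
        _, oid, p = read_tlv(atv, 0)
        _, val, _ = read_tlv(atv, p)
        parts.append(("CN" if oid == OID_CN else oid.hex()) + "=" + val.decode("utf-8"))
    return ",".join(parts)

def decode_san(der):
    tag, body, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("not a GeneralNames SEQUENCE")
    names, pos = [], 0
    while pos < len(body):
        tag, val, pos = read_tlv(body, pos)
        kind = {0x81: "rfc822Name", 0xA4: "directoryName"}.get(tag, "tag 0x%02x" % tag)
        names.append((kind, val.decode("ascii") if tag == 0x81 else decode_name(val) if tag == 0xA4 else val.hex()))
    return names
```

Running decode_san over the extension value taken from a generated request is a quick way to confirm that both entries made it in before the request is submitted.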
I hope this helps.
Regards,
Alex (Alejandro Campos Magencio)