Hi all,
The other day a customer of mine wanted to add the Subject Alternative Name (szOID_SUBJECT_ALT_NAME2 - "2.5.29.17") extension to his certificate requests in C# and he didn't know how.
We have the IX509ExtensionAlternativeNames interface for that, and a C++ sample can be found here:
enrollCustomPKCS10
"When you install the Microsoft Windows Software Development Kit (SDK), the sample is installed, by default, in the %ProgramFiles%\Microsoft SDKs\Windows\v7.0\Samples\Security\X509 Certificate Enrollment\VC\enrollCustomPKCS10 folder. ... 5. Creates an IAlternativeName object, initializes it by using the RFC822 name specified on the command line, Creates an IAlternativeNames collection, adds the new IAlternativeName (RFC822 name) object to the collection, creates an IX509ExtensionAlternativeNames object and adds this object to the request."
This sample is available in the latest Microsoft SDK 7.1 too.
The C# code to set this extension should look something like this (taking a sample like this as a base: How to create a certificate request with CertEnroll and .NET (C#)):
string strRfc822Name = "My Alternative RFC822 Name";
...
CAlternativeName objRfc822Name = new CAlternativeName();
CAlternativeNames objAlternativeNames = new CAlternativeNames();
CX509ExtensionAlternativeNames objExtensionAlternativeNames = new CX509ExtensionAlternativeNames();
...
// Set Alternative RFC822 Name
objRfc822Name.InitializeFromString(AlternativeNameType.XCN_CERT_ALT_NAME_RFC822_NAME, strRfc822Name);

// Set Alternative Names
objAlternativeNames.Add(objRfc822Name);
objExtensionAlternativeNames.InitializeEncode(objAlternativeNames);
objPkcs10.X509Extensions.Add((CX509Extension)objExtensionAlternativeNames);
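To confirm that the extension really ends up in the encoded request, the request can be decoded again and its alternative names listed. The following is an added example, not code from the original post or from the SDK sample; it goes beyond the RFC822 case by also adding a DNS name. It assumes a COM reference to the CertEnroll 1.0 Type Library, and the class name, provider choice, subject and sample names are constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using CERTENROLLLib; // assumption: COM reference to "CertEnroll 1.0 Type Library"
static class SanRoundTrip // hypothetical class name
{
    const EncodingType B64 = EncodingType.XCN_CRYPT_STRING_BASE64;
    // Lists every SAN entry found in a base64 PKCS#10 request as "type=value".
    static List<string> ReadAltNames(string base64Request)
    {
        var found = new List<string>();
        var request = new CX509CertificateRequestPkcs10();
        request.InitializeDecode(base64Request, B64);
        foreach (IX509Extension ext in request.X509Extensions)
        {
            if (ext.ObjectId.Value != "2.5.29.17") continue; // szOID_SUBJECT_ALT_NAME2
            var san = new CX509ExtensionAlternativeNames();
            san.InitializeDecode(B64, ext.RawData[B64]);
            foreach (IAlternativeName name in san.AlternativeNames)
                found.Add(name.Type + "=" + name.strValue);
        }
        return found;
    }

    static void Main()
    {
        var key = new CX509PrivateKey(); // throwaway user-context key, deleted below
        key.ProviderName = "Microsoft Enhanced RSA and AES Cryptographic Provider";
        key.KeySpec = X509KeySpec.XCN_AT_SIGNATURE;
        key.Length = 2048;
        key.Create();
        var pkcs10 = new CX509CertificateRequestPkcs10();
        pkcs10.InitializeFromPrivateKey(X509CertificateEnrollmentContext.ContextUser, key, "");
        var dn = new CX500DistinguishedName();
        dn.Encode("CN=SAN round trip", X500NameFlags.XCN_CERT_NAME_STR_NONE); // constructed
        pkcs10.Subject = dn;
        var names = new CAlternativeNames(); // constructed sample values follow
        var mail = new CAlternativeName();
        mail.InitializeFromString(AlternativeNameType.XCN_CERT_ALT_NAME_RFC822_NAME, "alice@example.test");
        names.Add(mail);
        var dns = new CAlternativeName();
        dns.InitializeFromString(AlternativeNameType.XCN_CERT_ALT_NAME_DNS_NAME, "www.example.test");
        names.Add(dns);
        var sanExt = new CX509ExtensionAlternativeNames();
        sanExt.InitializeEncode(names);
        pkcs10.X509Extensions.Add((CX509Extension)sanExt);
        pkcs10.Encode(); // signs and encodes the request with the key created above
        foreach (string entry in ReadAltNames(pkcs10.RawData[B64])) Console.WriteLine(entry);
        key.Delete(); // remove the throwaway key container
    }
}
```

The same ReadAltNames check can be run over a request received from someone else, to see exactly which names it asks for before it is submitted to a CA.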
I hope this helps.
Regards,
Alex (Alejandro Campos Magencio)