ASN1Subject

Contains information about the certificate subject. The Subject field in the certificate identifies the entity that owns or controls the public key in the certificate. The entity can be a user, computer, device, or service. The Subjectmust contain an X.500 distinguished name (DN). A DN is a sequence of relative distinguished names (RDNs). The RDNs are separated by commas in the certificate.

CommonName

For CA and end-entity certificates in a private PKI, the common name (CN) can be any string within the length limit.

Note: In publicly trusted certificates, the common name must be a fully qualified domain name (FQDN) associated with the certificate subject.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 64.

Required: No

Country

Two-digit code that specifies the country in which the certificate subject located.

Type: String

Length Constraints: Fixed length of 2.

Pattern: [A-Za-z]{2}

Required: No

CustomAttributes

Contains a sequence of one or more X.500 relative distinguished names (RDNs), each of which consists of an object identifier (OID) and a value. For more information, see NIST’s definition of Object Identifier (OID).

Note

Custom attributes cannot be used in combination with standard attributes.

Type: Array of CustomAttribute objects

Array Members: Minimum number of 1 item. Maximum number of 150 items.

Required: No

DistinguishedNameQualifier

Disambiguating information for the certificate subject.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 64.

Pattern: [a-zA-Z0-9'()+-.?:/= ]*

Required: No

GenerationQualifier

Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 3.

Required: No

GivenName

First name.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 16.

Required: No

Initials

Concatenation that typically contains the first letter of the GivenName, the first letter of the middle name if one exists, and the first letter of the Surname.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 5.

Required: No

Locality

The locality (such as a city or town) in which the certificate subject is located.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 128.

Required: No

Organization

Legal name of the organization with which the certificate subject is affiliated.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 64.

Required: No

OrganizationalUnit

A subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 64.

Required: No

Pseudonym

Typically a shortened version of a longer GivenName. For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 128.

Required: No

SerialNumber

The certificate serial number.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 64.

Pattern: [a-zA-Z0-9'()+-.?:/= ]*

Required: No

State

State in which the subject of the certificate is located.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 128.

Required: No

Surname

Family name. In the US and the UK, for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 40.

Required: No

Title

A title such as Mr. or Ms., which is pre-pended to the name to refer formally to the certificate subject.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 64.

Required: No

ASN1Subject

Contents

Note

See Also