IX500DistinguishedName interface (certenroll.h)
The IX500DistinguishedName interface represents an X.500 distinguished name (DN). The X.500 series of networking standards covers electronic directory services. A distinguished name uniquely identifies (distinguishes) each entry in the directory from all other entries. Each DN consists of one or more relative distinguished names (RDNs).
The subject field of a PKCS #10 certificate request contains the DN of the entity requesting the certificate
CertificationRequestInfo ::= SEQUENCE
{
version CertificationRequestInfoVersion,
subject Name,
subjectPublicKeyInfo SubjectPublicKeyInfo,
attributes [0] IMPLICIT Attributes
}
The DN consists of a sequence of RDNs. Each RDN consists of a set of attributes, and each attribute consists of an object identifier (OID) and a value. The data type of the value is identified by the DirectoryString structure.
Name ::= SEQUENCE OF RelativeDistinguishedName
RelativeDistinguishedName ::= SET OF AttributeTypeValue
AttributeTypeValue ::= SEQUENCE
{
type EncodedObjectID,
value ANY
}
DirectoryString ::= CHOICE
{
teletexString TeletexString (SIZE (1..MAX)),
printableString PrintableString (SIZE (1..MAX)),
universalString UniversalString (SIZE (1..MAX)),
utf8String UTF8String (SIZE (1..MAX)),
bmpString BMPString (SIZE (1..MAX))
}
The following RDN keys and associated OIDs are currently supported.
| Key | OID | Description | RDN type |
|---|---|---|---|
| C | XCN_OID_COUNTRY_NAME | Contains a two-letter ISO 3166 country or region code. | PrintableString |
| CN | XCN_OID_COMMON_NAME | Contains a common name. | PrintableString |
| EEMAIL | XCN_OID_RSA_emailAddr | Contains an email address. | IA5String |
| DC | XCN_OID_DOMAIN_COMPONENT | Contains one component of a Domain Name System (DNS) name. | IA5String |
| GGivenName | XCN_OID_GIVEN_NAME | Contains the part of a person's name that is not a surname. | PrintableString |
| I | XCN_OID_INITIALS | Contains a person's initials. | PrintableString |
| L | XCN_OID_LOCALITY_NAME | Contains the locality name that identifies a city, country, or other geographic region. | PrintableString |
| O | XCN_OID_ORGANIZATION_NAME | Contains the name of an organization. | PrintableString |
| OU | XCN_OID_ORGANIZATIONAL_UNIT_NAME | Contains the name of a unit subdivision within an organization. | PrintableString |
| SST | XCN_OID_STATE_OR_PROVINCE_NAME | Contains the full name of a state or province. | PrintableString |
| STREET | XCN_OID_STREET_ADDRESS | Contains the physical address. | PrintableString |
| SN | XCN_OID_SUR_NAME | Contains the family name of a person. | PrintableString |
| TTITLE | XCN_OID_TITLE | Contains the title of a person in the organization. | PrintableString |
Each service that is based on X.500 defines its own distinguished name string representation. For example, LDAP uses a comma-delimited list arranged from right to left. Active Directory uses a forward slash (/) and arranges the list from left to right. Other services use semicolons as separators. The following example shows an Active Directory entry for an employee named John Peoples who works in the pharmaceutical division of a company named Contoso, Ltd.
/c=gb/o=Contoso Ltd./ou=Contoso Pharmaceuticals/cn=John Peoples
Inheritance
The IX500DistinguishedName interface inherits from the IDispatch interface. IX500DistinguishedName also has these types of members:
Methods
The IX500DistinguishedName interface has these methods.
| IX500DistinguishedName::Decode Initializes the object from a Unicode-encoded distinguished name. |
| IX500DistinguishedName::Encode Initializes the object from a string that contains a distinguished name. |
| IX500DistinguishedName::get_EncodedName Retrieves a Unicode-encoded distinguished name. |
| IX500DistinguishedName::get_Name Retrieves a distinguished name. |
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows Vista [desktop apps only] |
| Minimum supported server | Windows Server 2008 [desktop apps only] |
| Target Platform | Windows |
| Header | certenroll.h |