3.1.1.4.3.1.4 New Certificate Request Using Netscape KEYGEN Request Format

The request MUST be compliant with "Netscape Extensions for User Key Generation Communicator 4.0 Version". For specifications, see [HTMLQ-keygen].

Processing rules for the pwszAttributes parameter:

• CertType: Client MUST add the CertType attribute to the pwszAttributes parameter. The value for this attribute MUST be the string "server".

• rdn value: Client MUST request the subject name information through the rdn attributes. Supported values and their formats MUST be as specified in section 2.2.2.6.4.2.<23>