Your browser does not allow storing cookies. We recommend enabling them.

PreviousNextUp[Front page] [Index]

Subject Name

The subject name should be checked and verified. The system automatically checks that the given distinguished name is syntactically correct, and certain CA policies can be used to check that the subject name matches a pattern. Errors in these checks are displayed to the operator before the request is updated or issued, but operators should still be somewhat familiar with the distinguished name format.

However, there can be other, finer policy considerations for the subject name format that the operator must check manually. For example, a person's name can be written in several different formats (first name first, last name first, without middle names, with middle initials, etc). Verifying that the name is in reasonable format for your organization's needs can sometimes be hard to do automatically.

Note: All distinguished names, including the subject name mentioned here, are written in the same order that is used when the names are encoded in certificates. This is exactly the opposite order as the one used in LDAP applications. When dealing with LDAP, SSH Tectia Certifier will convert all distinguished names to the correct order automatically.

PreviousNextUp[Front page] [Index]


What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now