|[Front page] [Index]|
The subject name should be checked and verified. The system automatically checks that the given distinguished name is syntactically correct, and certain CA policies can be used to check that the subject name matches a pattern. Errors in these checks are displayed to the operator before the request is updated or issued, but operators should still be somewhat familiar with the distinguished name format.
However, there can be other, finer policy considerations for the subject name format that the operator must check manually. For example, a person's name can be written in several different formats (first name first, last name first, without middle names, with middle initials, etc). Verifying that the name is in reasonable format for your organization's needs can sometimes be hard to do automatically.
Note: All distinguished names, including the subject name mentioned here, are written in the same order that is used when the names are encoded in certificates. This is exactly the opposite order as the one used in LDAP applications. When dealing with LDAP, SSH Tectia Certifier will convert all distinguished names to the correct order automatically.
[Front page] [Index]