Distinguished Names
The Distinguished Name (DN) uniquely identifies an entity in an X.509 certificate. The following attribute types are commonly found in the DN:
The X.509 standard defines other attributes that do not usually form part of the DN but can provide optional extensions to the digital certificate.
CN Common Name T Title O Organization name OU Organizational Unit name L Locality name ST (or SP or S) State or Province name C Country The X.509 standard provides for a DN to be specified in a string format. For example:
CN=John, O=IBM, OU=Test, C=GBAny field within the DN that consists of more than one word requires quotes, either around the field contents or the entire DN. For example:
CN="John Smith", O=IBM, OU=Test, C=GBor"CN=John Smith, O=IBM, OU=Test, C=GB".The Common Name (CN) can describe an individual user or any other entity, for example a Web server.
The DN can contain multiple OU attributes, but one instance only of each of the other attributes is permitted. The order of the OU entries is significant: the order specifies a hierarchy of Organizational Unit names, with the highest-level unit first.
Parent topic:
Digital certificates
sy10570_