X.500 Distinguished Names

holdbelief

浏览: 698940 次
性别:
来自: 北京

最近访客更多访客>>

fengqingyebai

qq470497848

praise_song

my_program

博主相关

博客

微博

相册

留言

关于我

文章分类

社区版块

存档分类

博客分类：

加密和安全登录

SUN C C++C#

X.500 Distinguished Names被用来标识一个实体，例如那些用主题和发行者（签名者）来命名的X.509证书领域。keytool支持如下部分：

commonName — 一个人的普通名字，例如：“Susan Jones”
organicationUnit — 小组织（例如：部门或者分支）名字。例如：“Perchasing”
organicationName — 大的组织名称，例如：“ABCSysten, Inc.”
localityName — 位置（城市）的名称。例如：“Palo Alto”
stateName — 洲或者省的名称，例如：“California”
country — 两个字母的国家代码，例如：“CH”

如果使用-genkey或者-selfcert命令的情况下，当需要提供一个完整的X.500 Distinguished 名字的字符串作为-dname选项的值时，名字的字符串必须遵守如下格式：

CN=cName, OU=orgUnit, O=org, L=city, S=state, C=countryCode

其中所有的斜体部分是实际的值，另外下面的一些关键字的缩写：

        CN=commonName
        OU=organizationUnit
        O=organizationName
        L=localityName
        S=stateName
        C=country

一个简单的例子：

CN=Mark Smith, OU=JavaSoft, O=Sun, L=Cupertino, S=California, C=US

一个简单的使用上述字符串的命令的例子：

keytool -genkey -dname "CN=Mark Smith, OU=JavaSoft, O=Sun, L=Cupertino, S=California, C=US" -alias mark

缩写不区分大小写。例如："CN", "cn", and "Cn" 被视为相同。
顺序是必要的，每一个子项目按顺序出现。但是不需要有所有的子项。你可能有一个子集，例：

CN=Steve Meier, OU=SunSoft, O=Sun, C=US

如果标识名的字符串中包含逗号。则逗号必须通过转义字符"\"书写：

cn=peter schuster, o=Sun Microsystems\, Inc., o=sun, c=us
当你执行一个命令时，标识符的字符串其实并不是必须的，命令需要该字符串，但不一定必须写在命令行上，因为keytool可以就每个子项逐个向用户提问。在这种情况下，逗号就不需要转义字符“/”了。

分享到：

什么是 SSL 证书？如何检查网址是否部署了 ... | X.509 证书

2009-01-18 15:43
浏览 1156
评论(0)
论坛回复 / 浏览 (0 / 1286)
分类:非技术
查看更多

发表评论

您还没有登录,请您登录后再发表评论

相关推荐

RFC 2253 UTF-8 String Representation of Distinguished Names(中文版): RFC 2253 UTF-8 String Representation of Distinguished Names(中文版)

X.690-ASN.1 encoding rules; Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) 和 Distinguished Encoding Rules (DER): ASN.1的正式标准文档和它的编码规则由 International Telecommunications Union Telecommunications Sector (ITU-T)和International Standards Organization (ISO) / International Electrotechnical Commission ...

ISOIEC 8825-2-2015 信息技术-ASN.1编码规则：压缩编码规则（PER）_高清.pdf: 应用层协议如X.400（email）、X.500和LDAP（目录服务）、H.323（VoIP）和SNMP使用 ASN.1 描述它们交互的协议数据单元。在UMTS的接入和非接入层也有广泛的应用。 ASN.1的其他应用领域参见此处[1]。

distinguished,leaders,晚会主持词.pdf: distinguished,leaders,晚会主持词.pdf

h.264视频编解码源代码.rar: may carry on each kind of development in this code foundation, for instance the algorithm optimization, transfers the code technology, realizes each kind has distinguished extension code 文件列表...

Williams, E. H., Magary, J. G., and Moore, F. A. (Eds.) Ninth Annual Distinguished Lecture Series in Special Education and Rehabilitation. Los Angeles: University of Southern California Press, 1971, 113 p., [dollar]3.00 (paperback): (Eds.) Ninth Annual Distinguished Lecture Series in Special Education and Rehabilitation. Los Angeles: University of Southern California Press, 1971, 113 p., [dollar]3.00 (paperback) BOOK REVIEWS ...

Sun One Directory Server(LDAP)安装和调整指南: 3. 从协议衍化上阐述LDAP，它是“目录访问协议DAP——ISO X.500”的衍生，简化了DAP协议，提供了轻量级的基于TCP/IP协议的网络访问，降低了管理维护成本，但保持了强壮且易于扩充的信息框架。LDAP的应用程序可以很...

批量移动AD用户到指定OU: $UserDN = (Get-ADUser -Identity $_.Username).distinguishedName $TargetOU = $_.TargetOU Write-Host " Moving Accounts ..... " # Move user to target OU. Move-ADObject -Identity $UserDN -TargetPath $...

RFID Protocol Design, Optimization, and Security+for IoT-IET(2017).pdf ): Alex X. Liu is a Professor of the Department of Computer Science and Engineer- ing at Michigan State University, East Lansing, Michigan, USA. He received his Ph.D. degree in Computer Science from The ...

Python使用LDAP做用户认证的方法: LDAP(Light Directory Access Portocol)是轻量目录访问协议，基于X.500标准，支持TCP/IP。 LDAP目录以树状的层次结构来存储数据。每个目录记录都有标识名（Distinguished Name，简称DN），用来读取单个记录，一般...

面向服务的云计算架构——Service Oriented Cloud Computing Infrastructure: 面向服务的云计算架构——Service Oriented Cloud Computing Infrastructure E.G.Nadhan EDS Distinguished SE June, 2009

英文原版-Clinical Neurology 7th Edition: Distinguished by its practice-oriented approach to neurology based on the patients' presenting symptoms, this classic has been updated and revised to make it even more clinically-relevant and ...

Model Checking-Edmund M. Clarke-模型检查PDF: Model checking is a technique for verifying finite state concurrent systems such as sequential circuit designs and communication ... Kurshan, Distinguished Member Technical Staff, Bell Laboratories

The Real Work of Data Science: Turning data into information, better decisions: Davenport, Distinguished Professor, Babson College and Fellow, MIT Initiative on the Digital Economy “I like your book. The chapters address problems that have faced statisticians for generations, ...

1.LASSO.pdf: approaches are distinguished from others in that the penalty functions are symmetric, nonconcave on 401ˆ5, and have singularities at the origin to produce sparse solutions. Furthermore, the penalty ...

The Python 3 Standard Library by Example (Developer's Library): –Raymond Hettinger, Distinguished Python Core Developer The Python 3 Standard Library contains hundreds of modules for interacting with the operating system, interpreter, and Internet–all ...

pkcs10 规范: certification request consists of a distinguished name, a public key, and optionally a set of attributes, collectively signed by the entity requesting certification. Certification requests are sent...

太赫兹成像技术手册（2013年）.rar: With its distinguished editor and international team of expert contributors, the Handbook of terahertz technology for imaging, sensing and communications is an authoritative guide to the field for ...

CUDA范例精解通用GPU编程: CUDA范例精解通用GPU编程CUDA by Example addresses the heart of the ...University Distinguished Professor, University of Tennessee Distinguished Research Staff Member, Oak Ridge National Laboratory

最近访客 更多访客>>

博主相关

文章分类

社区版块

存档分类

最新评论