search

digitalbazaar / forge

A native implementation of TLS in Javascript and tools to write crypto-based and network-heavy webapps
https://digitalbazaar.com/
Other
5.01k stars 767 forks source link

Order of CSR's Subject Field #1041

Closed msudgh closed 8 months ago

msudgh commented 11 months ago

Hello everyone, I'm currently working on generating a certificate signing request (CSR) using node-forge, and I have a query regarding the setSubject method. While attempting to create a CSR following the C+ST+L+O+OU+CN pattern, I noticed that the output differed from that of OpenSSL. Despite trying to set a manual order and modify the setSubject parameter, the library did not adhere to the changes. My ultimate goal is to produce a CSR that has a format similar to OpenSSL's.

The OpenSSL subject field order is as follows: 

C=NL, ST=Zuid-Holland, L=Den Haag, O=TEST, OU=Development, CN=example.com/emailAddress=info@example.com

However, the generated CSR subject field order by node-forge is as follows: 

CN=example.com, C=NL, ST=Zuid-Holland, L=Den Haag, O=TEST, OU=Development/emailAddress=info@example.com

My questions are:

  1. What standard is used to format the subject field representation?
  2. Is it possible to generate a CSR with respect to other DNs, such as RFC 4514 or RFC 1485, using OpenSSL? More information at Link.

Thank you in advance for your attention.