IO::Socket::SSL::Utils splits subject/issue into a hash, losing the ordering of the parts

[miiichael]

Feature request. Though I'm tempted to also characterise this as a design fault. 😅

I notice CERT_asHash() returns subject and issuer split into a hash. I think it would be more useful to report the whole DN. Or if you must split it, then instead split it into an array.

This will be especially problematic for DNs that contain more than one of the same type of RDN (eg. multiple OU's or DC's), as it then becomes impossible to determine which order in which to reassemble the bits back together.

I was hoping to replace my usage of Net::SSLeay::X509_NAME_oneline() with IO::Socket::SSL::Utils functions, but today is not that day. :P

[noxxi]

Significant changes to the interface can unfortunately break things, so I'm reluctant to move from a hash to an array. Apart from that the array makes it harder to easily access specific fields. Still, the problem of multiple RDN with the same type is a real issue, both for CERT_asHash as for CERT_create. With 2.069 it is now possible to have multiple RDN of same type. CERT_asHash will return an array reference with the values in order instead of a scalar value in this case and CERT_create will accept such value.