This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes Security and the fly likes getIssuerX500Principal().getName() returns wired name Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "getIssuerX500Principal().getName() returns wired name" Watch "getIssuerX500Principal().getName() returns wired name" New topic

getIssuerX500Principal().getName() returns wired name

Fahim Farook

Joined: Mar 20, 2011
Posts: 12
1) I'm retrieving the issuer of a X509Certificate as follows.

cert.toString() shows the issuer as:
EMAILADDRESS=root@someperson, CN=someCommonName, OU=SomeOrganizationalUnit, O=SomeOrganization, L=SomeCity, ST=SomeState, C=--

However cert.getIssuerX500Principal().getName() returns the following:
1.2.<SOME DIGITS>=#<SOME DIGITS>,CN=someCommonName,OU=SomeOrganizationalUnit,O=SomeOrganization,L=SomeCity,ST=SomeState,C=--

However if I used cert.getIssuerX500Principal().getName("RFC1779"), it will return the issuer correctly (i.e. with root@someperson ).
Can anyone please explain whether it is correct to use cert.getIssuerX500Principal().getName("RFC1779") for retrieving issuer from X509Certifcate since RFC 2253 obsoletes RFC 1779.

2) I noticed that if the Organization is something like "{SOME DIGITS}" (i.e. self signed certificates), getIssuerX500Principal().getName() returns something like the following.
O=|0|{|0|7|0|E|0|F|0|2|0|B|0|1| ....

And still getIssuerX500Principal().getName("RFC1779") returns it correctly. Can anyone explain why is that and whats the workaround?

3) In case issuer name contains null bytes in between, what is the expected behavior of getIssuerX500Principal().getName() ?
I agree. Here's the link:
subject: getIssuerX500Principal().getName() returns wired name
Similar Threads
certificate chain
Problem in accessing webservice over https with auth cert enabled...Urgent
Midlet signing
RMI - SSL - VeriSign Certificates
https connection added cert still getting exception please help?