List of usage examples for org.bouncycastle.asn1.x509 X509ObjectIdentifiers organization
ASN1ObjectIdentifier organization
To view the source code for org.bouncycastle.asn1.x509 X509ObjectIdentifiers organization.
Click Source Link
From source file:com.adaptris.core.security.JunitSecurityHelper.java
License:Apache License
private static CertificateBuilder getBuilder(String commonName) throws Exception { CertificateBuilder builder = CertificateBuilderFactory.getInstance().createBuilder(); CertificateParameter cp = new CertificateParameter(); X500NameBuilder subject = new X500NameBuilder(); subject.addRDN(X509ObjectIdentifiers.countryName, "GB"); subject.addRDN(X509ObjectIdentifiers.stateOrProvinceName, "Middlesex"); subject.addRDN(X509ObjectIdentifiers.localityName, "Uxbridge"); subject.addRDN(X509ObjectIdentifiers.organization, "Adaptris"); subject.addRDN(X509ObjectIdentifiers.organizationalUnitName, "JUNIT"); subject.addRDN(X509ObjectIdentifiers.commonName, commonName); subject.addRDN(PKCSObjectIdentifiers.pkcs_9_at_emailAddress, "myname@adaptris.com"); cp.setSignatureAlgorithm("SHA256WithRSAEncryption"); // Changed to 1024 as the key size, otherwise jdk8_66 appears to have a fit // wrt to java.security limiting the certpath algorithms // jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024 (it was like this in _40, but doesn't // apparently break things cp.setKeyAlgorithm("RSA", 1024); cp.setSubjectInfo(subject.build());//from w w w .j a v a 2 s.co m builder.setCertificateParameters(cp); return builder; }
From source file:com.adaptris.security.Config.java
License:Apache License
public CertificateBuilder getBuilder(String commonName) throws Exception { CertificateBuilder builder = CertificateBuilderFactory.getInstance().createBuilder(); CertificateParameter cp = new CertificateParameter(); X500NameBuilder subject = new X500NameBuilder(); subject.addRDN(X509ObjectIdentifiers.countryName, config.getProperty(CERTIFICATE_C)); subject.addRDN(X509ObjectIdentifiers.stateOrProvinceName, config.getProperty(CERTIFICATE_ST)); subject.addRDN(X509ObjectIdentifiers.localityName, config.getProperty(CERTIFICATE_L)); subject.addRDN(X509ObjectIdentifiers.organization, config.getProperty(CERTIFICATE_O)); subject.addRDN(X509ObjectIdentifiers.organizationalUnitName, config.getProperty(CERTIFICATE_OU)); subject.addRDN(X509ObjectIdentifiers.commonName, commonName); subject.addRDN(PKCSObjectIdentifiers.pkcs_9_at_emailAddress, config.getProperty(CERTIFICATE_EMAIL)); cp.setSignatureAlgorithm(config.getProperty(CERTIFICATE_SIGALG)); cp.setKeyAlgorithm(config.getProperty(CERTIFICATE_KEYALG), Integer.parseInt(config.getProperty(CERTIFICATE_KEYSIZE))); cp.setSubjectInfo(subject.build());/*from w ww. ja va2 s.co m*/ builder.setCertificateParameters(cp); return builder; }
From source file:org.cesecore.certificates.ca.X509CATest.java
License:Open Source License
/** * Tests default value of "use printable string" option (should be disabled by default) * and tests that the option works.//from w ww .j av a 2 s . c o m */ @Test public void testPrintableString() throws Exception { final CryptoToken cryptoToken = getNewCryptoToken(); final String caDN = "CN=foo CA,O=Bar,JurisdictionCountry=DE,JurisdictionState=Stockholm,JurisdictionLocality=Solna,C=SE"; final X509CA testCa = createTestCA(cryptoToken, caDN); assertFalse("\"Use Printable String\" should be turned off by default", testCa.getUsePrintableStringSubjectDN()); Certificate cert = testCa.getCACertificate(); assertTrue("Certificate CN was not UTF-8 encoded by default.", getValueFromDN(cert, X509ObjectIdentifiers.commonName) instanceof DERUTF8String); assertTrue("Certificate C was not PrintableString encoded.", getValueFromDN(cert, X509ObjectIdentifiers.countryName) instanceof DERPrintableString); // C is always PrintableString // Test generation by calling generateCertificate directly final String subjectDN = "CN=foo subject,O=Bar,JurisdictionCountry=DE,JurisdictionState=Stockholm,JurisdictionLocality=Solna,C=SE"; final EndEntityInformation subject = new EndEntityInformation("testPrintableString", subjectDN, testCa.getCAId(), null, null, new EndEntityType(EndEntityTypes.ENDUSER), 0, 0, EndEntityConstants.TOKEN_USERGEN, 0, null); final CertificateProfile certProfile = new CertificateProfile( CertificateProfileConstants.CERTPROFILE_FIXED_ENDUSER); cert = testCa.generateCertificate(cryptoToken, subject, cert.getPublicKey(), KeyUsage.digitalSignature | KeyUsage.keyEncipherment, null, 30, certProfile, null); assertTrue("Certificate CN was not UTF-8 encoded by default.", getValueFromDN(cert, X509ObjectIdentifiers.commonName) instanceof DERUTF8String); assertTrue("Certificate O was not UTF-8 encoded by default.", getValueFromDN(cert, X509ObjectIdentifiers.organization) instanceof DERUTF8String); assertTrue("Certificate JurisdictionState was not UTF-8 encoded.", getValueFromDN(cert, CeSecoreNameStyle.JURISDICTION_STATE) instanceof DERUTF8String); assertTrue("Certificate JurisdictionLocality was not UTF-8 encoded.", getValueFromDN(cert, CeSecoreNameStyle.JURISDICTION_LOCALITY) instanceof DERUTF8String); assertTrue("Certificate C was not PrintableString encoded.", getValueFromDN(cert, X509ObjectIdentifiers.countryName) instanceof DERPrintableString); // C is always PrintableString assertTrue("Certificate JurisdictionCountry was not PrintableString encoded.", getValueFromDN(cert, CeSecoreNameStyle.JURISDICTION_COUNTRY) instanceof DERPrintableString); // C is always PrintableString // Now generate a new certificate with a PrintableString-encoded DN testCa.setUsePrintableStringSubjectDN(true); cert = testCa.generateCertificate(cryptoToken, subject, cert.getPublicKey(), KeyUsage.digitalSignature | KeyUsage.keyEncipherment, null, 30, certProfile, null); assertTrue("Certificate CN was not encoded as PrintableString.", getValueFromDN(cert, X509ObjectIdentifiers.commonName) instanceof DERPrintableString); assertTrue("Certificate O was not encoded as PrintableString.", getValueFromDN(cert, X509ObjectIdentifiers.organization) instanceof DERPrintableString); assertTrue("Certificate JurisdictionState was not encoded as PrintableString.", getValueFromDN(cert, CeSecoreNameStyle.JURISDICTION_STATE) instanceof DERPrintableString); assertTrue("Certificate JurisdictionLocality was not encoded as PrintableString.", getValueFromDN(cert, CeSecoreNameStyle.JURISDICTION_LOCALITY) instanceof DERPrintableString); assertTrue("Certificate C was not PrintableString encoded.", getValueFromDN(cert, X509ObjectIdentifiers.countryName) instanceof DERPrintableString); // C is always PrintableString assertTrue("Certificate JurisdictionCountry was not PrintableString encoded.", getValueFromDN(cert, CeSecoreNameStyle.JURISDICTION_COUNTRY) instanceof DERPrintableString); // C is always PrintableString }
From source file:org.jmrtd.lds.SignedDataUtil.java
License:Open Source License
/** * Gets the common mnemonic string (such as "SHA1", "SHA256withRSA") given an OID. * * @param oid an OID//www .j a va 2 s . co m * * @throws NoSuchAlgorithmException if the provided OID is not yet supported */ public static String lookupMnemonicByOID(String oid) throws NoSuchAlgorithmException { if (oid == null) { return null; } if (oid.equals(X509ObjectIdentifiers.organization.getId())) { return "O"; } if (oid.equals(X509ObjectIdentifiers.organizationalUnitName.getId())) { return "OU"; } if (oid.equals(X509ObjectIdentifiers.commonName.getId())) { return "CN"; } if (oid.equals(X509ObjectIdentifiers.countryName.getId())) { return "C"; } if (oid.equals(X509ObjectIdentifiers.stateOrProvinceName.getId())) { return "ST"; } if (oid.equals(X509ObjectIdentifiers.localityName.getId())) { return "L"; } if (oid.equals(X509ObjectIdentifiers.id_SHA1.getId())) { return "SHA-1"; } if (oid.equals(NISTObjectIdentifiers.id_sha224.getId())) { return "SHA-224"; } if (oid.equals(NISTObjectIdentifiers.id_sha256.getId())) { return "SHA-256"; } if (oid.equals(NISTObjectIdentifiers.id_sha384.getId())) { return "SHA-384"; } if (oid.equals(NISTObjectIdentifiers.id_sha512.getId())) { return "SHA-512"; } if (oid.equals(X9_SHA1_WITH_ECDSA_OID)) { return "SHA1withECDSA"; } if (oid.equals(X9_SHA224_WITH_ECDSA_OID)) { return "SHA224withECDSA"; } if (oid.equals(X9_SHA256_WITH_ECDSA_OID)) { return "SHA256withECDSA"; } if (oid.equals(PKCS1_RSA_OID)) { return "RSA"; } if (oid.equals(PKCS1_MD2_WITH_RSA_OID)) { return "MD2withRSA"; } if (oid.equals(PKCS1_MD4_WITH_RSA_OID)) { return "MD4withRSA"; } if (oid.equals(PKCS1_MD5_WITH_RSA_OID)) { return "MD5withRSA"; } if (oid.equals(PKCS1_SHA1_WITH_RSA_OID)) { return "SHA1withRSA"; } if (oid.equals(PKCS1_SHA256_WITH_RSA_OID)) { return "SHA256withRSA"; } if (oid.equals(PKCS1_SHA384_WITH_RSA_OID)) { return "SHA384withRSA"; } if (oid.equals(PKCS1_SHA512_WITH_RSA_OID)) { return "SHA512withRSA"; } if (oid.equals(PKCS1_SHA224_WITH_RSA_OID)) { return "SHA224withRSA"; } if (oid.equals(IEEE_P1363_SHA1_OID)) { return "SHA-1"; } if (oid.equals(PKCS1_RSASSA_PSS_OID)) { return "SSAwithRSA/PSS"; } if (oid.equals(PKCS1_SHA256_WITH_RSA_AND_MGF1)) { return "SHA256withRSAandMGF1"; } throw new NoSuchAlgorithmException("Unknown OID " + oid); }
From source file:org.jmrtd.lds.SignedDataUtil.java
License:Open Source License
public static String lookupOIDByMnemonic(String name) throws NoSuchAlgorithmException { if (name.equals("O")) { return X509ObjectIdentifiers.organization.getId(); }/* ww w . j av a 2 s . co m*/ if (name.equals("OU")) { return X509ObjectIdentifiers.organizationalUnitName.getId(); } if (name.equals("CN")) { return X509ObjectIdentifiers.commonName.getId(); } if (name.equals("C")) { return X509ObjectIdentifiers.countryName.getId(); } if (name.equals("ST")) { return X509ObjectIdentifiers.stateOrProvinceName.getId(); } if (name.equals("L")) { return X509ObjectIdentifiers.localityName.getId(); } if (name.equalsIgnoreCase("SHA-1") || name.equalsIgnoreCase("SHA1")) { return X509ObjectIdentifiers.id_SHA1.getId(); } if (name.equalsIgnoreCase("SHA-224") || name.equalsIgnoreCase("SHA224")) { return NISTObjectIdentifiers.id_sha224.getId(); } if (name.equalsIgnoreCase("SHA-256") || name.equalsIgnoreCase("SHA256")) { return NISTObjectIdentifiers.id_sha256.getId(); } if (name.equalsIgnoreCase("SHA-384") || name.equalsIgnoreCase("SHA384")) { return NISTObjectIdentifiers.id_sha384.getId(); } if (name.equalsIgnoreCase("SHA-512") || name.equalsIgnoreCase("SHA512")) { return NISTObjectIdentifiers.id_sha512.getId(); } if (name.equalsIgnoreCase("RSA")) { return PKCS1_RSA_OID; } if (name.equalsIgnoreCase("MD2withRSA")) { return PKCS1_MD2_WITH_RSA_OID; } if (name.equalsIgnoreCase("MD4withRSA")) { return PKCS1_MD4_WITH_RSA_OID; } if (name.equalsIgnoreCase("MD5withRSA")) { return PKCS1_MD5_WITH_RSA_OID; } if (name.equalsIgnoreCase("SHA1withRSA")) { return PKCS1_SHA1_WITH_RSA_OID; } if (name.equalsIgnoreCase("SHA256withRSA")) { return PKCS1_SHA256_WITH_RSA_OID; } if (name.equalsIgnoreCase("SHA384withRSA")) { return PKCS1_SHA384_WITH_RSA_OID; } if (name.equalsIgnoreCase("SHA512withRSA")) { return PKCS1_SHA512_WITH_RSA_OID; } if (name.equalsIgnoreCase("SHA224withRSA")) { return PKCS1_SHA224_WITH_RSA_OID; } if (name.equalsIgnoreCase("SHA1withECDSA")) { return X9_SHA1_WITH_ECDSA_OID; } if (name.equalsIgnoreCase("SHA224withECDSA")) { return X9_SHA224_WITH_ECDSA_OID; } if (name.equalsIgnoreCase("SHA256withECDSA")) { return X9_SHA256_WITH_ECDSA_OID; } if (name.equalsIgnoreCase("SAwithRSA/PSS")) { return PKCS1_RSASSA_PSS_OID; } if (name.equalsIgnoreCase("SSAwithRSA/PSS")) { return PKCS1_RSASSA_PSS_OID; } if (name.equalsIgnoreCase("RSASSA-PSS")) { return PKCS1_RSASSA_PSS_OID; } if (name.equalsIgnoreCase("SHA256withRSAandMGF1")) { return PKCS1_SHA256_WITH_RSA_AND_MGF1; } throw new NoSuchAlgorithmException("Unknown name " + name); }
From source file:org.signserver.module.mrtdsodsigner.jmrtd.SODFile.java
License:Open Source License
/** * Gets the common mnemonic string (such as "SHA1", "SHA256withRSA") given an OID. * * @param oid a BC OID/*from www . j a va 2s. c om*/ * * @throws NoSuchAlgorithmException if the provided OID is not yet supported */ private static String lookupMnemonicByOID(DERObjectIdentifier oid) throws NoSuchAlgorithmException { if (oid.equals(X509ObjectIdentifiers.organization)) { return "O"; } if (oid.equals(X509ObjectIdentifiers.organizationalUnitName)) { return "OU"; } if (oid.equals(X509ObjectIdentifiers.commonName)) { return "CN"; } if (oid.equals(X509ObjectIdentifiers.countryName)) { return "C"; } if (oid.equals(X509ObjectIdentifiers.stateOrProvinceName)) { return "ST"; } if (oid.equals(X509ObjectIdentifiers.localityName)) { return "L"; } if (oid.equals(X509ObjectIdentifiers.id_SHA1)) { return "SHA1"; } if (oid.equals(NISTObjectIdentifiers.id_sha224)) { return "SHA224"; } if (oid.equals(NISTObjectIdentifiers.id_sha256)) { return "SHA256"; } if (oid.equals(NISTObjectIdentifiers.id_sha384)) { return "SHA384"; } if (oid.equals(NISTObjectIdentifiers.id_sha512)) { return "SHA512"; } if (oid.equals(X9_SHA1_WITH_ECDSA_OID)) { return "SHA1withECDSA"; } if (oid.equals(X9_SHA224_WITH_ECDSA_OID)) { return "SHA224withECDSA"; } if (oid.equals(X9_SHA256_WITH_ECDSA_OID)) { return "SHA256withECDSA"; } if (oid.equals(PKCS1_MGF1_OID)) { return "MGF1"; } if (oid.equals(PKCS1_RSA_OID)) { return "RSA"; } if (oid.equals(PKCS1_MD2_WITH_RSA_OID)) { return "MD2withRSA"; } if (oid.equals(PKCS1_MD4_WITH_RSA_OID)) { return "MD4withRSA"; } if (oid.equals(PKCS1_MD5_WITH_RSA_OID)) { return "MD5withRSA"; } if (oid.equals(PKCS1_SHA1_WITH_RSA_OID)) { return "SHA1withRSA"; } if (oid.equals(PKCS1_SHA256_WITH_RSA_OID)) { return "SHA256withRSA"; } if (oid.equals(PKCS1_SHA384_WITH_RSA_OID)) { return "SHA384withRSA"; } if (oid.equals(PKCS1_SHA512_WITH_RSA_OID)) { return "SHA512withRSA"; } if (oid.equals(PKCS1_SHA224_WITH_RSA_OID)) { return "SHA224withRSA"; } if (oid.equals(IEEE_P1363_SHA1_OID)) { return "SHA1"; } if (oid.equals(PKCS1_RSA_PSS_OID)) { return "RSASSA-PSS"; } throw new NoSuchAlgorithmException("Unknown OID " + oid); }
From source file:org.signserver.module.mrtdsodsigner.jmrtd.SODFile.java
License:Open Source License
private static ASN1ObjectIdentifier lookupOIDByMnemonic(String name) throws NoSuchAlgorithmException { if (name.equals("O")) { return X509ObjectIdentifiers.organization; }//from w w w . j av a 2 s .c o m if (name.equals("OU")) { return X509ObjectIdentifiers.organizationalUnitName; } if (name.equals("CN")) { return X509ObjectIdentifiers.commonName; } if (name.equals("C")) { return X509ObjectIdentifiers.countryName; } if (name.equals("ST")) { return X509ObjectIdentifiers.stateOrProvinceName; } if (name.equals("L")) { return X509ObjectIdentifiers.localityName; } if (name.equalsIgnoreCase("SHA1")) { return X509ObjectIdentifiers.id_SHA1; } if (name.equalsIgnoreCase("SHA224")) { return NISTObjectIdentifiers.id_sha224; } if (name.equalsIgnoreCase("SHA256")) { return NISTObjectIdentifiers.id_sha256; } if (name.equalsIgnoreCase("SHA384")) { return NISTObjectIdentifiers.id_sha384; } if (name.equalsIgnoreCase("SHA512")) { return NISTObjectIdentifiers.id_sha512; } if (name.equalsIgnoreCase("RSA")) { return PKCS1_RSA_OID; } if (name.equalsIgnoreCase("MD2withRSA")) { return PKCS1_MD2_WITH_RSA_OID; } if (name.equalsIgnoreCase("MD4withRSA")) { return PKCS1_MD4_WITH_RSA_OID; } if (name.equalsIgnoreCase("MD5withRSA")) { return PKCS1_MD5_WITH_RSA_OID; } if (name.equalsIgnoreCase("SHA1withRSA")) { return PKCS1_SHA1_WITH_RSA_OID; } if (name.equalsIgnoreCase("SHA256withRSA")) { return PKCS1_SHA256_WITH_RSA_OID; } if (name.equalsIgnoreCase("SHA384withRSA")) { return PKCS1_SHA384_WITH_RSA_OID; } if (name.equalsIgnoreCase("SHA512withRSA")) { return PKCS1_SHA512_WITH_RSA_OID; } if (name.equalsIgnoreCase("SHA224withRSA")) { return PKCS1_SHA224_WITH_RSA_OID; } if (name.equalsIgnoreCase("SHA1withECDSA")) { return X9_SHA1_WITH_ECDSA_OID; } if (name.equalsIgnoreCase("SHA224withECDSA")) { return X9_SHA224_WITH_ECDSA_OID; } if (name.equalsIgnoreCase("SHA256withECDSA")) { return X9_SHA256_WITH_ECDSA_OID; } if (name.equalsIgnoreCase("MGF1")) { return PKCS1_MGF1_OID; } if (name.equalsIgnoreCase("SHA1withRSAandMGF1")) { return PKCS1_RSA_PSS_OID; } if (name.equalsIgnoreCase("SHA224withRSAandMGF1")) { return PKCS1_RSA_PSS_OID; } if (name.equalsIgnoreCase("SHA256withRSAandMGF1")) { return PKCS1_RSA_PSS_OID; } if (name.equalsIgnoreCase("SHA384withRSAandMGF1")) { return PKCS1_RSA_PSS_OID; } if (name.equalsIgnoreCase("SHA512withRSAandMGF1")) { return PKCS1_RSA_PSS_OID; } throw new NoSuchAlgorithmException("Unknown name " + name); }
From source file:passwdmanager.hig.no.lds.DG_SOD.java
/** * Gets the common mnemonic string (such as "SHA1", "SHA256withRSA") given * an OID.// w w w . j a v a 2s .c o m * * @param oid * a BC OID * * @throws NoSuchAlgorithmException * if the provided OID is not yet supported */ static String lookupMnemonicByOID(DERObjectIdentifier oid) throws NoSuchAlgorithmException { if (oid.equals(X509ObjectIdentifiers.organization)) { return "O"; } if (oid.equals(X509ObjectIdentifiers.organizationalUnitName)) { return "OU"; } if (oid.equals(X509ObjectIdentifiers.commonName)) { return "CN"; } if (oid.equals(X509ObjectIdentifiers.countryName)) { return "C"; } if (oid.equals(X509ObjectIdentifiers.stateOrProvinceName)) { return "ST"; } if (oid.equals(X509ObjectIdentifiers.localityName)) { return "L"; } if (oid.equals(X509ObjectIdentifiers.id_SHA1)) { return "SHA1"; } if (oid.equals(NISTObjectIdentifiers.id_sha224)) { return "SHA224"; } if (oid.equals(NISTObjectIdentifiers.id_sha256)) { return "SHA256"; } if (oid.equals(NISTObjectIdentifiers.id_sha384)) { return "SHA384"; } if (oid.equals(NISTObjectIdentifiers.id_sha512)) { return "SHA512"; } if (oid.equals(PKCS1_SHA1_WITH_RSA_OID)) { return "SHA1withRSA"; } if (oid.equals(PKCS1_SHA256_WITH_RSA_OID)) { return "SHA256withRSA"; } if (oid.equals(PKCS1_SHA384_WITH_RSA_OID)) { return "SHA384withRSA"; } if (oid.equals(PKCS1_SHA512_WITH_RSA_OID)) { return "SHA512withRSA"; } if (oid.equals(PKCS1_SHA224_WITH_RSA_OID)) { return "SHA224withRSA"; } throw new NoSuchAlgorithmException("Unknown OID " + oid); }
From source file:passwdmanager.hig.no.lds.DG_SOD.java
static DERObjectIdentifier lookupOIDByMnemonic(String name) throws NoSuchAlgorithmException { if (name.equals("O")) { return X509ObjectIdentifiers.organization; }//from w w w . j a va2 s. c o m if (name.equals("OU")) { return X509ObjectIdentifiers.organizationalUnitName; } if (name.equals("CN")) { return X509ObjectIdentifiers.commonName; } if (name.equals("C")) { return X509ObjectIdentifiers.countryName; } if (name.equals("ST")) { return X509ObjectIdentifiers.stateOrProvinceName; } if (name.equals("L")) { return X509ObjectIdentifiers.localityName; } if (name.equals("SHA1")) { return X509ObjectIdentifiers.id_SHA1; } if (name.equals("SHA224")) { return NISTObjectIdentifiers.id_sha224; } if (name.equals("SHA256")) { return NISTObjectIdentifiers.id_sha256; } if (name.equals("SHA384")) { return NISTObjectIdentifiers.id_sha384; } if (name.equals("SHA512")) { return NISTObjectIdentifiers.id_sha512; } if (name.equals("SHA1withRSA")) { return PKCS1_SHA1_WITH_RSA_OID; } if (name.equals("SHA256withRSA")) { return PKCS1_SHA256_WITH_RSA_OID; } if (name.equals("SHA384withRSA")) { return PKCS1_SHA384_WITH_RSA_OID; } if (name.equals("SHA512withRSA")) { return PKCS1_SHA512_WITH_RSA_OID; } if (name.equals("SHA224withRSA")) { return PKCS1_SHA224_WITH_RSA_OID; } throw new NoSuchAlgorithmException("Unknown OID " + name); }
From source file:test.integ.be.e_contract.mycarenet.certra.CertRAClientTest.java
License:Open Source License
@Test public void testGenerateCertificate() throws Exception { CertRASession certRASession = new CertRASession("info@e-contract.be", "0478/299492"); String ssin = CertRAClient.getSSIN(this.signCertificateChain.get(0)); X500NameBuilder nameBuilder = new X500NameBuilder(); nameBuilder.addRDN(X509ObjectIdentifiers.countryName, new DERPrintableString("BE")); nameBuilder.addRDN(X509ObjectIdentifiers.organization, new DERPrintableString("Federal Government")); nameBuilder.addRDN(X509ObjectIdentifiers.organizationalUnitName, new DERPrintableString("eHealth-platform Belgium")); nameBuilder.addRDN(X509ObjectIdentifiers.organizationalUnitName, new DERPrintableString("SSIN=" + ssin)); nameBuilder.addRDN(X509ObjectIdentifiers.commonName, new DERPrintableString("SSIN=" + ssin)); X500Name name = nameBuilder.build(); byte[] encodedCsr = certRASession.generateCSR(name); PKCS10CertificationRequest csr = new PKCS10CertificationRequest(encodedCsr); LOG.debug("CSR subject: " + csr.getSubject()); X500Name subjectName = csr.getSubject(); RDN[] rdns = subjectName.getRDNs();//from w w w . j a va 2 s.com for (RDN rdn : rdns) { LOG.debug("--------"); AttributeTypeAndValue[] attributes = rdn.getTypesAndValues(); for (AttributeTypeAndValue attribute : attributes) { LOG.debug(attribute.getType() + " = " + attribute.getValue()); LOG.debug("value type: " + attribute.getValue().getClass().getName()); } } }