Export (0) Print
Expand All

IX509ExtensionAlternativeNames interface

The IX509ExtensionAlternativeNames interface enables you to specify one or more alternative name forms for the subject of a certificate. A certification authority processes the extension by binding the names to the certified public key. The following syntax shows the Abstract Syntax Notation One (ASN.1) structure of the extension. The extension value is encoded by using Distinguished Encoding Rules (DER) and included in the certificate request.


----------------------------------------------------------------------
-- AlternativeNames 
-- XCN_OID_SUBJECT_ALT_NAME2 (2.5.29.17)
----------------------------------------------------------------------

AltNames ::= SEQUENCE --#public-- OF GeneralName
GeneralNames ::= AltNames

GeneralName ::= CHOICE 
{
   otherName               [0] IMPLICIT OtherName,
   rfc822Name              [1] IMPLICIT IA5STRING,
   dNSName                 [2] IMPLICIT IA5STRING,
   x400Address             [3] IMPLICIT SeqOfAny,       -- Not supported
   directoryName           [4] EXPLICIT ANY,    
   ediPartyName            [5] IMPLICIT SeqOfAny,
   uniformResourceLocator  [6] IMPLICIT IA5STRING,
   iPAddress               [7] IMPLICIT OCTETSTRING,
   registeredID            [8] IMPLICIT EncodedObjectID -- Not supported
}

OtherName ::= SEQUENCE 
{
   type                    EncodedObjectID,
   value                   [0] EXPLICIT NOCOPYANY 
}

If you initialize this extension by using an IAlternativeNames collection, the following name types are supported.

ValueDescription
XCN_CERT_ALT_NAME_OTHER_NAMEThe name consists of an object identifier and a byte array that contains the name.
XCN_CERT_ALT_NAME_RFC822_NAMEThe name is an email address.
XCN_CERT_ALT_NAME_DNS_NAMEThe name is a Domain Name System name.
XCN_CERT_ALT_NAME_DIRECTORY_NAMEThe name is an X.500 directory name.
XCN_CERT_ALT_NAME_URLThe name is a URL.
XCN_CERT_ALT_NAME_IP_ADDRESSThe name is an Internet Protocol (IP) address.
XCN_CERT_ALT_NAME_REGISTERED_IDThe name is a registered object identifier (OID).
XCN_CERT_ALT_NAME_GUIDThe name is a GUID. This is a form of otherName.
XCN_CERT_ALT_NAME_USER_PRINCIPLE_NAMEThe name is a user principal name (UPN). The UPN format is based on RFC 822.

 

To add this extension object to a PKCS #10 request or a CMC request, you must first add it to an IX509Extensions collection and use the collection to initialize an IX509AttributeExtensions object. For more information, see the PKCS #10 Extensions and the CMC Extensions topics.

Members

The IX509ExtensionAlternativeNames interface inherits from IX509Extension. IX509ExtensionAlternativeNames also has these types of members:

Methods

The IX509ExtensionAlternativeNames interface has these methods.

MethodDescription
InitializeDecode

Initializes the extension from a Distinguished Encoding Rules (DER) encoded byte array that contains the extension value.

InitializeEncode

Initializes the extension from an IAlternativeNames collection.

 

Properties

The IX509ExtensionAlternativeNames interface has these properties.

PropertyDescription

AlternativeNames

Retrieves a collection of subject alternative names.

 

Requirements

Minimum supported client

Windows Vista [desktop apps only]

Minimum supported server

Windows Server 2008 [desktop apps only]

Header

CertEnroll.h

DLL

CertEnroll.dll

See also

Certificate Enrollment API
Extensions
IX509Extension

 

 

Community Additions

ADD
Show:
© 2014 Microsoft