How to insert special characters in DN RRS feed

  • Question

  • Hi all

    I'm trying to make a CSR for a server using certreq.exe and the subject DN has a comma in it. I have tried "\," , "\2C" and "%2C" in the subject filed of the policy.inf file that I use for making the CSR but whatever I use is exactly showed on the certificate. (It is not treated as a special character)

    Also I have the same problem with CAs. When I want to install Certification Authority on Win 2008 R2 and server's DN has a comma, the installation stops and shows an error message about "Invalid DN".

    How can I solve these problems?

    Tuesday, June 5, 2012 11:20 AM


  • in the INF file under Subject field add another field:

    X500NameFlags = 0x40000000

    for example:

    Subject = "CN=www.something.com; O=Contoso Pharmaceuticals, Ltd; C=US"
    X500NameFlags = 0x40000000
    <other attributes>
    and use semicolon as a RDN attribute separator.


    My weblog: http://en-us.sysadmins.lv
    PowerShell PKI Module: http://pspki.codeplex.com
    Windows PKI reference: on TechNet wiki

    Tuesday, June 5, 2012 12:14 PM

All replies