Hi, I'm struggling with tls-toolkit in order to create a client certificate with a specific DN fields order. Whatever I specify with the -clientCertDN option, toolkit does not honor the fields order I've setup on the command line. Here is an example:
tls-toolkit.sh standalone --hostnames "localhost" --clientCertDn "CN=Nifi Admin, OU=MyUnitNumber, OU=MyUnitName, O=Company, C=FR" --clientCertPassword 'xxxx' - --trustStorePassword 'xxxxx' --keyStorePassword 'xxxxxx' It creates a client certificate as below (.p12) CN=Nifi_admin_O=Company_OU=MyUnitNumber_OU=MyUnitName_C=FR.p12 And looking at the PKCS12 certificate, fields in the subject are order as in the .p12 file name, not the one specified with -clientCertDn option. So my question is, is there a reason for that? Is it normal that tls-toolkit does not respect DN fileds passed in the -clientCertDn option? For info, tls-toolkit v 1.13.2 Thanks for any advice/clue Best regards EmmanuelC2 - Restricted # " Ce courriel et les documents qui lui sont joints peuvent contenir des informations confidentielles, être soumis aux règlementations relatives au contrôle des exportations ou ayant un caractère privé. S'ils ne vous sont pas destinés, nous vous signalons qu'il est strictement interdit de les divulguer, de les reproduire ou d'en utiliser de quelque manière que ce soit le contenu. Toute exportation ou réexportation non autorisée est interdite Si ce message vous a été transmis par erreur, merci d'en informer l'expéditeur et de supprimer immédiatement de votre système informatique ce courriel ainsi que tous les documents qui y sont attachés." ****** " This e-mail and any attached documents may contain confidential or proprietary information and may be subject to export control laws and regulations. If you are not the intended recipient, you are notified that any dissemination, copying of this e-mail and any attachments thereto or use of their contents by any means whatsoever is strictly prohibited. Unauthorized export or re-export is prohibited. If you have received this e-mail in error, please advise the sender immediately and delete this e-mail and all attached documents from your computer system." #
