i want to use gencert to create a user certificate. What will be used as the SUBJDN if I do not specify one?

Document ID : KB000024492
Last Modified Date : 14/02/2018
Show Technical Document Details

Question:

What is used as a default for SUBJDN in a GENCERT command if one is not specified?

 

Answer:

The CA ACF2 Administrator's guide - Chapter 25 Digital Certifate Support states that the default SUBJDN(subject's distinguished name) is generated with CN='ACF2 USER:logonid'

Using this example..

GENCERT JDOE1.CERT 

If no subject dn is specified on the gencert CA ACF2 will use the name field from the logonid record.
e.g. SUBJDN(CN=JOHN DOE)

 If there is no name field in the logonid record CA ACF2 will use CN='ACF2 USER:logonid'. 
in this example SUBJDN(CN=ACF2 USER:JDOE1)


this format will also be used if the logonid record does not exist in the ACF2 database.
SUBJDN(CN=ACF2 USER:JDOE1)