Java code signing certificate error

Question

Java code signing certificate error

I am creating a certificate signing request like this:

keytool -genkey -alias server -keyalg RSA -keysize 2048 -keystore xxxx -dname "CN=www.example.com,OU=Infrastructure and Operations, O=ACME, Inc., L=Test, ST=Test, C=US" && keytool -certreq -alias server -file xxxx.csr -keystore xxxx.jks

When the code signing certificate is generated, for some reason the CN is assigned to the organization value instead of the FQDN that I originally originally specified www.example.com

Thus, the certificate has CN=ACME, Inc.

,OU=Infrastructure and Operations, O=ACME, Inc., L=Test, ST=Test, C=US

Not sure why he didn't get the FQDN.

+3

java ssl-certificate keytool code-signing-certificate

LB79 05 Aug 15 at 13:39

source to share

1 answer

meskobalazs · Answer 1 · 2015-08-05T13:56:00+0000

Oracle docs say:

If the distinguished name string value contains a comma, the comma must be character-escaped "\"

when you specify the string on the command line, as in

cn=peter schuster, o=Sun Microsystems\, Inc., o=sun, c=us

So the valid dname is:

"CN=www.example.com,OU=Infrastructure and Operations, O=ACME\, Inc., L=Test, ST=Test, C=US"

Java code signing certificate error

More articles: