Country/State Code Validity Not Checked Via Certificate Request (180342)
The information in this article applies to:
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Professional
This article was previously published under Q180342 SUMMARY
When you fill out a certificate request through the Identifying Information
window, valid entries must be entered for the Distinguished Name (DN)
fields such as for Common Name (CN), State, Country, and so on. However,
the certificate processing code does not check for a valid State or Country
entry as it does for the remaining entries.
MORE INFORMATION
Currently, country codes follow the ISO 3166 abbreviations but Certificate
Server does not enforce these to be entered correctly; the same applies for
state. The reason for this is because forcing a valid entry for the various
states and provinces of every country in the world would require a
tremendous amount of checking and any declared standard is likely to become
obsolete soon after implementation.
An up-to-date table of ISO 3166 codes built into Certificate Server or
available as a system-wide service would be required to make this
practical. However, in the long run, this would not be a practical solution
from a user's standpoint because, if the country codes change, users would
be required to obtain a new release or update of the valid Country and
State/Province codes.
Modification Type: | Major | Last Reviewed: | 2/24/2004 |
---|
Keywords: | kbinfo KB180342 |
---|
|