How to add Alternative Directory Name to your certificate request (C#)

Hi all,


We’ve already seen How to add Subject Alternative Name to your certificate requests (C#). What if we want to set Alternative Directory Name (XCN_CERT_ALT_NAME_DIRECTORY_NAME) in addition to Subject Alternative Name (XCN_CERT_ALT_NAME_RFC822_NAME)?


The interface we use for the alternative names has different methods that we can use depending on the value we want to set:

IAlternativeName interface

You can initialize an IAlternativeName object from an AlternativeNameType enumeration. The following types are available, but they are supported by different initialization methods as indicated.

Type: XCN_CERT_ALT_NAME_RFC822_NAME
Description: The name is an email address.
Initialization method: InitializeFromString

Type: XCN_CERT_ALT_NAME_DIRECTORY_NAME
Description: The name is an X.500 directory name.
Initialization method: InitializeFromRawData


The C# code to set both Subject Alternative Name and Alternative Directory Name should look like this then:

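// All types used here are CertEnroll COM interop types.
string strRfc822Name = ""; // e-mail address for the RFC822 name (empty in this listing; set your own value)
string strDirectoryName = "CN=myuser";
CAlternativeName objRfc822Name = new CAlternativeName();
CX500DistinguishedName objX500 = new CX500DistinguishedName();
string strDirectory = null;
CAlternativeName objDirectoryName = new CAlternativeName();
CAlternativeNames objAlternativeNames = new CAlternativeNames();
CX509ExtensionAlternativeNames objExtensionAlternativeNames = new CX509ExtensionAlternativeNames();

// Set Alternative RFC822 Name
objRfc822Name.InitializeFromString(AlternativeNameType.XCN_CERT_ALT_NAME_RFC822_NAME, strRfc822Name);

// Set Alternative Directory Name: encode the DN first, then pass the raw encoding
objX500.Encode(strDirectoryName, X500NameFlags.XCN_CERT_NAME_STR_FORCE_UTF8_DIR_STR_FLAG);
strDirectory = objX500.get_EncodedName(EncodingType.XCN_CRYPT_STRING_BINARY);
objDirectoryName.InitializeFromRawData(AlternativeNameType.XCN_CERT_ALT_NAME_DIRECTORY_NAME, EncodingType.XCN_CRYPT_STRING_BINARY, strDirectory);

// Set Alternative Names
objAlternativeNames.Add(objRfc822Name);
objAlternativeNames.Add(objDirectoryName);
objExtensionAlternativeNames.InitializeEncode(objAlternativeNames);
// The encoded extension is then added to the X509Extensions collection of the
// request object built in the earlier post (that object is not part of this listing).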

I hope this helps.



Alex (Alejandro Campos Magencio)
