I read through RFC2253 but there doesn’t seems to mention about the order of subject line.
ST=,emailAddressemail@example.com,C=,L=,O=,OU=,CN=My Common Name
but if I add user with the CN first (or any other orders), it doesn’t
From RFC2253 - When converting from an ASN.1 RelativeDistinguishedName to a string,
the output consists of the string encodings of each
AttributeTypeAndValue (according to 2.3), in any order.
We are trying to adduser programmatically and issuing the certificates, so we would like to know is there a specific sequence mongodb is following? e.g. ST → emailAddress → C → L → O → OU → CN
If we use crypto, and use
crypto.X509Certificate(buffer), we are able to extract the subject in the order of CN → OU → O → L → C → emailAddress → ST.
If we reverse it, it does seems like the order
openssl -in filename -nameopts RFC2253 -subject gives, and mongodb doesn’t return error when connecting with the certificate (e.g. using compass). Can we get a confirmation?