Security
Security

Are there special characters to consider, or avoid, when doing PKI?

by Juniper Employee on ‎01-26-2016 08:03 AM - edited on ‎09-22-2017 03:41 PM by Administrator Administrator (620 Views)

Question

Are there special characters to consider, or avoid, when doing PKI?

Answer

The comma (,) is a special character in ASN.1 DN and requires an escape character, to use which is the backslash (\).

 

The UTF-8 encoded string should not have any of the following characters:

  • A space or pound (#) character occurring at the beginning of the string
  • A space character occurring at the end of the string
  • The comma (,), plus (+), double quote (""), back slash(\), less than or left triangle bracket (<), greater than or right triangle bracket (>), or semi-colon (;)

If the comma (,) character needs to be escaped, then it should be prefixed by a backslash (\) (ASCII 92).

 

Junos OS supports printable strings such as the comma for delimiters. You cannot use reserved characters, and using names with an underscore (_) can potentially cause problems.

 

For more information, see Understanding Certificates and PKI