X500Principal Distinguished Name order

Question

I\'m using the Bouncycastle lib to generate certificates from PKCS10 requests using the X509v3CertificateBuilder class.

It returns build a X509CertificateHolder object w

Answer 1

Since I need to compare distinguished names, I resolved by parsing the DN with LdapName class and comparing the parsed rdns:

boolean DNmatches(X500Principal p1, X500Principal p2) {
    List rdn1 = new LdapName(p1.getName()).getRdns();
    List rdn2 = new LdapName(p2.getName()).getRdns();

    if(rdn1.size() != rdn2.size())
        return false;

    return rdn1.containsAll(rdn2);
}