I can not find exactly what is the meaning and what is used for these fields in certificate..One of the fields is issuer name which contain a lot of fiels. Some of them are distinguished name qualifier, commonName and domainComponent, so can anyone explain me what is used for these field and what is their meaning.. I think that commonName is unique for everyone and if is the name of CA root, but I am not sure is it ok. Thanks in advance.
Best Answer
These are X.520 relative distinguished name (RDN) attributes. Check RFC 1617 for more details and naming guidelines.
The common name depends on the context. For a server it is the host name, for a person the first and last name, for an IoT device it might be a device name, etc.
The domain component is a part of a host name, e.g. google from mail.google.com. I have never seen this in a certificate. It might be used to restrict a certificate to a part of the host name.
The distinguished name qualifier is a global value for entities common from the same source. Same source = same qualifier. It can be used to differentiate distinguished names from different sources using the same distinguished name otherwise in a CA. So it is an attribute to differentiate the source. Example employee John Doe from company A and John Doe from company B. Both companies merge. The CA can use the qualifier company B for the second John Doe. If you have IoT sensors to manage from 3 companies, here maybe 2 qualifiers for the IoT certificates could be used. But I have never seen a certificate using it.
But all definitions are flexible and if you have a reason for your usecase to find a better match, you can apply your rules.
See RF 4519.