Specify distinguished names

Define distinguished names (DNs) to describe the fully qualified paths to your entry points for trusted entities.

• All client keystores should have matching DNs.
• All node keystores must have matching DNs. The client DN must be unique from the node DN.
• If the DNs don’t exactly match (for example, if they contain a hostname), you may use a wild card character in the name; for example:

  CN=*.spectrum.pb.com,OU=Spectrum Technology Platform,O=Pitney Bowes,DC=node,DC=spectrum,DC=pb,DC=com

• Limit special characters and whitespace in DNs. If parts of your DN contain special characters, such as a comma, make sure the name is escaped with a backslash. This page has a comprehensive explanation of DN escaping rules.
• Omit whitespaces between the individual parts of the DN.
• Review this guideline for specifying DNs