3.1.1.4.3.1.2 New Certificate Request Using CMS and PKCS #10 Request Formats

  • Article

The request MUST be an ASN.1 DER encoded CMS request as specified in [RFC3852]. The CMS ASN.1 structure includes the following fields:

  • ContentType: This field MUST be the OID szOID_PKCS_7_SIGNED (1.2.840.113549.1.7.2, id-signedData).

  • Content: This field MUST be a SignedData with the following values for its fields:

    • encapContentInfo: This field MUST have the following values for its fields:

      • eContentType: This field MUST be OIDszOID_PKCS_7_DATA (1.2.840.113549.1.7.1, id-data).

      • eContent: This field MUST be a PKCS #10 certificate request as specified in section 3.1.1.4.3.1.1.

SignerInfos: The request MUST be signed as specified in [RFC3852].