3.1.1.4.3.4.1.3 Certificate Request with Challenge Response

The request MUST be an ASN.1 DER-encoded CMS request (as specified in [RFC3852]). The ASN.1 structure includes the following fields:

  • RecipientInfos: This field MUST reference the CA exchange certificate that contains the public key that is used to encrypt the client's private key. The exact format of RecipientInfos is specified in [RFC3852] section 6.1.

  • EncryptedContent: This field MUST include the secret that the CA has sent (in encrypted format) as described in section 3.2.2.6.2.1.2.6.
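The two fields above can be checked structurally before any decryption is attempted. The following is an added example, not code from the specification: it walks the DER, confirms that a RecipientInfo identifies the CA exchange certificate, and returns the EncryptedContent bytes. It assumes the request is a ContentInfo wrapping EnvelopedData (the type in which [RFC3852] section 6.1 defines RecipientInfos) and that the recipient is identified by issuerAndSerialNumber; every function name and all sample bytes are constructed for illustration.

```python
ENVELOPED_DATA = bytes.fromhex("2a864886f70d010703")  # OID 1.2.840.113549.1.7.3

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos); low-tag-number form only, DER lengths only."""
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n >= 0x80:  # long form: reject indefinite and non-minimal encodings
        width = n & 0x7F
        n = int.from_bytes(buf[pos:pos + width], "big")
        if width == 0 or n < 0x80 or n >> (8 * (width - 1)) == 0:
            raise ValueError("length is not DER")
        pos += width
    if pos + n > len(buf):
        raise ValueError("truncated TLV")
    return tag, buf[pos:pos + n], pos + n

def children(value):
    """Split the content of a constructed element into (tag, value) pairs."""
    out, pos = [], 0
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        out.append((tag, val))
    return out

def fields(value):  # children keyed by tag; tags are unique in the types used here
    return dict(children(value))

def check_request(der, expected_rid):
    """Return encryptedContent if a RecipientInfo carries expected_rid, else ValueError."""
    try:
        tag, body, end = read_tlv(der)
        if tag != 0x30 or end != len(der) or fields(body).get(0x06) != ENVELOPED_DATA:
            raise ValueError("not a single DER ContentInfo of type envelopedData")
        env = fields(fields(fields(body)[0xA0])[0x30])  # EnvelopedData members
        rids = [children(ri)[1] for t, ri in children(env[0x31]) if t == 0x30]
        if (0x30, expected_rid) not in rids:  # byte-exact IssuerAndSerialNumber match
            raise ValueError("no RecipientInfo references the CA exchange certificate")
        return fields(env[0x30])[0x80]  # [0] IMPLICIT encryptedContent
    except (IndexError, KeyError):
        raise ValueError("malformed or truncated request") from None

def tlv(tag, *parts):  # DER encoder for the constructed sample (bodies < 256 bytes)
    body = b"".join(parts)
    return bytes([tag]) + (bytes([len(body)]) if len(body) < 0x80 else bytes([0x81, len(body)])) + body

# Constructed sample: placeholder issuer name, serial, wrapped key and ciphertext.
oid = lambda hexstr: tlv(0x06, bytes.fromhex(hexstr))
RID = tlv(0x30, tlv(0x31, tlv(0x30, oid("550403"), tlv(0x0C, b"Example CA")))) + tlv(0x02, b"\x12\x34")
KTRI = tlv(0x30, tlv(0x02, b"\x00"), tlv(0x30, RID), tlv(0x30, oid("2a864886f70d010101"), tlv(0x05)), tlv(0x04, b"K" * 8))
ECI = tlv(0x30, oid("2a864886f70d010701"), tlv(0x30, oid("608648016503040102"), tlv(0x04, bytes(16))), tlv(0x80, b"C" * 16))
SAMPLE = tlv(0x30, tlv(0x06, ENVELOPED_DATA), tlv(0xA0, tlv(0x30, tlv(0x02, b"\x00"), tlv(0x31, KTRI), ECI)))
```

Here `expected_rid` is the content of the IssuerAndSerialNumber taken from the CA exchange certificate. Byte-exact comparison is stricter than name matching under certificate path rules, so it can reject a request but cannot accept one addressed to a different certificate.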