EJBCA supports custom OIDs in DN components. To add your own customized DN, call the DN, for example:

CN=MyCommonName,1.1.1.1=MyCustomOid,C=SE Where 1.1.1.1 is your custom OID

Note that custom OIDs are always encoded as UTF8String in the DN.

To enable support for custom OIDs in the Admin GUI, edit the file src/java/profilemappings.properties and add your new OID at the end of the file. Follow the example in the file to add your OID in the End Entity Profile, and add new users. After updating the profilemappings.properties, always edit the appropriate language properties file modules/admin-gui/resources/languages/languagefile.<your language>.properties and add the last field in the profilemappings.properties file, i.e. the LanguageConstant. This is required in order to avoid that your new field is displayed in the Admin GUI as the key you entered.

By default, EJBCA places unknown OIDs at the end. For example, the DN can be displayed as CN=MyCommonName,C=SE,1.1.1.1=MyCustomOid (if looking at the ASN.1 encoding, different applications display in a different order regardless of the ASN.1 encoding). To control the ASN.1 ordering of DN elements, add a file named dncomponents.properties in the directory ejbca/src/java. The file dncomponents.properties.sample in the distribution displays the default order in EJBCA and can be used as an example. Note that your custom OID must be ordered in the correct place in the dncomponents.properties file and the file must include all components from the sample file. Also note that you can control the order also in the certificate profile, via the Custom Subject DN Order field. After updating the dncomponents.properties file, runt ant clean before re-deploying EJBCA.