Generating (PKCS12) certificate friendly name with Bouncy Castle in Java

I am using the bouncycastle library to create certificates and export them as PKCS12 certificate files on a Java webapp.

The code on my app to generate the certificate file is the same as in this page (see Step 5).

When I import the certificate into my store, what I see for the friendly name on my certificate is a combination of the user information and a really long identifier which always begins as the cons开发者_开发技巧tant contained in the following interface followed by a HEX string:

• org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers.pkcs_9

Removing the code that seems to be storing the friendly name has no effect on the app (see code bellow).

PKCS12BagAttributeCarrier bagCert = clientCert;

bagCert.setBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString("My friendly name for the new certificate"));

bagCert.setBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId, new SubjectKeyIdentifierStructure(pubKey));

I am using bouncycastle 1.45 for JDK5.

What I expect from my webapp is that it produces the string "My friendly name for the new certificate" as the certificate's friendly name.