diff --git a/phpseclib/File/ASN1.php b/phpseclib/File/ASN1.php
index a3d4d9b3..4b67366d 100644
--- a/phpseclib/File/ASN1.php
+++ b/phpseclib/File/ASN1.php
@@ -824,10 +824,10 @@ class ASN1
             case self::TYPE_SET:    // Children order is not important, thus process in sequence.
             case self::TYPE_SEQUENCE:
                 $tag|= 0x20; // set the constructed bit
-                $value = '';
 
                 // ignore the min and max
                 if (isset($mapping['min']) && isset($mapping['max'])) {
+                    $value = array();
                     $child = $mapping['children'];
 
                     foreach ($source as $content) {
@@ -835,11 +835,21 @@ class ASN1
                         if ($temp === false) {
                             return false;
                         }
-                        $value.= $temp;
+                        $value[]= $temp;
                     }
+                    /* "The encodings of the component values of a set-of value shall appear in ascending order, the encodings being compared
+                        as octet strings with the shorter components being padded at their trailing end with 0-octets.
+                        NOTE - The padding octets are for comparison purposes only and do not appear in the encodings."
+
+                       -- sec 11.6 of http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf  */
+                    if ($mapping['type'] == FILE_ASN1_TYPE_SET) {
+                        sort($value);
+                    }
+                    $value = implode($value, '');
                     break;
                 }
 
+                $value = '';
                 foreach ($mapping['children'] as $key => $child) {
                     if (!array_key_exists($key, $source)) {
                         if (!isset($child['optional'])) {