php创建证书签名请求到文件错误/警告

I need to create a certificate signing request to file but last line give error when run:

Warning: openssl_csr_export_to_file() expects parameter 1 to be resource, boolean given 

Any idea? this is the code, it's php 7.04 - wamp.

    <?php
    $subject = array(
    "commonName" => "example.com",
    );
    $private_key = openssl_pkey_new(array(
    "config" => "C:/wamp/bin/php/php7.0.4/extras/ssl/openssl.cnf",
    "private_key_bits" => 2048,
    "private_key_type" => OPENSSL_KEYTYPE_RSA
    ));

    $csr = openssl_csr_new($subject, $private_key, array('digest_alg' => 
    'sha384') );
     openssl_pkey_export_to_file($private_key, 'example-priv.key');
     // Along with the subject, the CSR contains the public key corresponding to    
     // the private key
    openssl_csr_export_to_file($csr, 'example-csr.pem');
doutui2016
doutui2016 查看openssl_csr_new手册。如果失败则返回false。您尚未检查过,因此以后的调用在需要资源时会获得布尔值。
8 个月之前 回复

2个回答

Corrected:

$subject = array(
    "commonName" => "example.com",
);

// vars to make private key
$private_key = openssl_pkey_new(array(
    "private_key_bits" => 2048,
    "private_key_type" => OPENSSL_KEYTYPE_RSA
));

// in config you put path to openssl.cnf
$Configs = array(       
    'config' => 'C:/wamp/bin/php/php7.0.4/extras/ssl/openssl.cnf',
    'digest_alg' => 'sha2',
    'x509_extensions' => 'v3_ca',
    'req_extensions' => 'v3_req',
    'encrypt_key' => true,
    'encrypt_key_cipher' => OPENSSL_CIPHER_3DES
);

$csr = openssl_csr_new($subject , $private_key,  $Configs );

openssl_pkey_export_to_file($private_key, 'priv.key');

// openssl_csr_export_to_file($csr, 'example-csr.pem');
// better to specify path
openssl_csr_export_to_file($csr, 'C:/wamp/example-csr.pem' );

/*
or view it:
openssl_csr_export($csr, $csrout);  //  and var_dump($csrout);
echo $csrout;
*/



Improved but not sure yet if all steps result in correct keys/files (someone can look at it?):

<?php
echo '<pre>'; error_reporting(E_ALL); ini_set('display_errors', '1');

$dn = array(
    "countryName" => "GB",
    "stateOrProvinceName" => "Greater London",
    "localityName" => "London",
    "organizationName" => "XY Ltd",
    "emailAddress" => "ab@xy.com"
);

$Configs = array(       
    'config' => 'C:/wamp/bin/php/php7.0.4/extras/ssl/openssl.cnf',
    'digest_alg' => 'sha2',
    'x509_extensions' => 'v3_ca',
    'req_extensions' => 'v3_req',
    'encrypt_key' => true,
    'encrypt_key_cipher' => OPENSSL_CIPHER_3DES
);

$privateKey = openssl_pkey_new([
    "config" => "C:/wamp/bin/php/php7.0.4/extras/ssl/openssl.cnf",
    "private_key_bits" => 2048,
    "private_key_type" => OPENSSL_KEYTYPE_RSA,
]);

openssl_pkey_export($privateKey, $privKey, null, [
    "config" => "C:/wamp/bin/php/php7.0.4/extras/ssl/openssl.cnf",
]);

$a_key = openssl_pkey_get_details($privateKey);

// print_r($a_key);
// print_r($privKey); // Just to test output

file_put_contents('keys/public.key', $a_key['key']);
file_put_contents('keys/private.pem', $privKey);

$csr = openssl_csr_new($dn, $private_key, $Configs);
// var_dump($csr);

openssl_csr_export_to_file($csr, 'C:/wamp/www/php/keys/public.csr' );

openssl_free_key($privateKey);
Csdn user default icon
上传中...
上传图片
插入图片
抄袭、复制答案,以达到刷声望分或其他目的的行为,在CSDN问答是严格禁止的,一经发现立刻封号。是时候展现真正的技术了!
立即提问