doupinyan0186
2018-11-21 15:34 阅读 99
已采纳

Laravel - 无法从.env文件获取.pem公钥数据

I have an webapp built with Laravel and i need to use a public key from a .pem file to verify some data. The key is kept in the .env file and retrieved via config/app.php with the env() helper. Since the .pem key needs to be on separate lines with specific length i use characters to keep the key on one line. Problem is that when i use the characters the variable is not cached and i cannot access it. When i remove the characters i can retrieve the variable but the openssl_get_privatekey($key); returns false. What am i doing wrong? Is this a Laravel or some general PHP issue?

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享

1条回答 默认 最新

  • 已采纳
    dtg25862 dtg25862 2018-11-21 17:17

    PHP's dotenv package does not seem to support multi-line environment variables.

    You should ideally keep your .pem file as a file and reference it by path like e.g.:

    PEM_FILE=/path/to/file.pem
    

    and in the config:

    return [
        //...
        "key" => file_get_contents(env('PEM_FILE'))
    

    This makes sense since generally certificates should generally go in the dedicated certificates path on the server. If you cache the config then the actual contents of the .pem file are only read once on deployment.

    However if you must put it in dotenv then you can do:

    In .env

    PEM_KEY="-----BEGIN RSA PRIVATE KEY-----
    …
    -----END DSA PRIVATE KEY-----"
    

    In configs:

    return [
        //...
        "key" => str_replace("\
    ", "
    ", env('PEM_KEY')), 
    

    Since the key is generally base64 I don't think there's a chance would naturally occur inside a .pem file.

    点赞 评论 复制链接分享

相关推荐