doupinyan0186
2018-11-21 15:34
浏览 191
已采纳

Laravel - 无法从.env文件获取.pem公钥数据

I have an webapp built with Laravel and i need to use a public key from a .pem file to verify some data. The key is kept in the .env file and retrieved via config/app.php with the env() helper. Since the .pem key needs to be on separate lines with specific length i use characters to keep the key on one line. Problem is that when i use the characters the variable is not cached and i cannot access it. When i remove the characters i can retrieve the variable but the openssl_get_privatekey($key); returns false. What am i doing wrong? Is this a Laravel or some general PHP issue?

图片转代码服务由CSDN问答提供 功能建议

我有一个使用Laravel构建的web应用程序,我需要使用.pem文件中的公钥来验证某些数据 。 密钥保存在.env文件中,并通过 config / app.php env()帮助程序检索。 由于.pem键需要在具有特定长度的单独行上,因此使用 字符将键保持在一行上。 问题是,当我使用 字符时,变量不会被缓存,我无法访问它。 当我删除 字符时,我可以检索变量,但 openssl_get_privatekey($ key); 返回false。 我究竟做错了什么? 这是一个Laravel还是一些普通的PHP问题?

  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • dtg25862 2018-11-21 17:17
    已采纳

    PHP's dotenv package does not seem to support multi-line environment variables.

    You should ideally keep your .pem file as a file and reference it by path like e.g.:

    PEM_FILE=/path/to/file.pem
    

    and in the config:

    return [
        //...
        "key" => file_get_contents(env('PEM_FILE'))
    

    This makes sense since generally certificates should generally go in the dedicated certificates path on the server. If you cache the config then the actual contents of the .pem file are only read once on deployment.

    However if you must put it in dotenv then you can do:

    In .env

    PEM_KEY="-----BEGIN RSA PRIVATE KEY-----
    …
    -----END DSA PRIVATE KEY-----"
    

    In configs:

    return [
        //...
        "key" => str_replace("\
    ", "
    ", env('PEM_KEY')), 
    

    Since the key is generally base64 I don't think there's a chance would naturally occur inside a .pem file.

    打赏 评论

相关推荐 更多相似问题