📄 function.openssl-csr-new.html

📁 php的帮助文档,涉及到PHP的案例和基本语法,以及实际应用内容
💻 HTML
📖 第 1 页 / 共 2 页
字号:
上一页 12
          <tr valign="middle">           <td colspan="1" rowspan="1" align="left">digest_alg</td>           <td colspan="1" rowspan="1" align="left"><a href="language.types.string.html" class="type string">string</a></td>           <td colspan="1" rowspan="1" align="left">default_md</td>           <td colspan="1" rowspan="1" align="left">Selects which digest method to use</td>          </tr>          <tr valign="middle">           <td colspan="1" rowspan="1" align="left">x509_extensions</td>           <td colspan="1" rowspan="1" align="left"><a href="language.types.string.html" class="type string">string</a></td>           <td colspan="1" rowspan="1" align="left">x509_extensions</td>           <td colspan="1" rowspan="1" align="left">Selects which extensions should be used when creating an x509           certificate</td>          </tr>          <tr valign="middle">           <td colspan="1" rowspan="1" align="left">req_extensions</td>           <td colspan="1" rowspan="1" align="left"><a href="language.types.string.html" class="type string">string</a></td>           <td colspan="1" rowspan="1" align="left">req_extensions</td>           <td colspan="1" rowspan="1" align="left">Selects which extensions should be used when creating a CSR</td>          </tr>          <tr valign="middle">           <td colspan="1" rowspan="1" align="left">private_key_bits</td>           <td colspan="1" rowspan="1" align="left"><a href="language.types.integer.html" class="type integer">integer</a></td>           <td colspan="1" rowspan="1" align="left">default_bits</td>           <td colspan="1" rowspan="1" align="left">Specifies how many bits should be used to generate a private            key</td>          </tr>          <tr valign="middle">           <td colspan="1" rowspan="1" align="left">private_key_type</td>           <td colspan="1" rowspan="1" align="left"><a href="language.types.integer.html" class="type integer">integer</a></td>           <td colspan="1" rowspan="1" align="left">none</td>           <td colspan="1" rowspan="1" align="left">Specifies the type of private key to create.  This can be one            of <b><tt>OPENSSL_KEYTYPE_DSA</tt></b>,            <b><tt>OPENSSL_KEYTYPE_DH</tt></b> or            <b><tt>OPENSSL_KEYTYPE_RSA</tt></b>.            The default value is <b><tt>OPENSSL_KEYTYPE_RSA</tt></b> which            is currently the only supported key type.           </td>          </tr>          <tr valign="middle">           <td colspan="1" rowspan="1" align="left">encrypt_key</td>           <td colspan="1" rowspan="1" align="left"><a href="language.types.boolean.html" class="type boolean">boolean</a></td>           <td colspan="1" rowspan="1" align="left">encrypt_key</td>           <td colspan="1" rowspan="1" align="left">Should an exported key (with passphrase) be encrypted?</td>          </tr>         </tbody>        </colgroup>       </table>      </p>     </dd>    </dt>    <dt>     <span class="term"><i><tt class="parameter">extraattribs</tt></i></span>     <dd>      <p class="para">       <i><tt class="parameter">extraattribs</tt></i> is used to specify additional       configuration options for the CSR.  Both <i><tt class="parameter">dn</tt></i> and       <i><tt class="parameter">extraattribs</tt></i> are associative arrays whose keys are       converted to OIDs and applied to the relevant part of the request.      </p>     </dd>    </dt>   </dl>  </p> </div> <div class="refsect1 returnvalues">  <h3 class="title">Return Values</h3>  <p class="para">   Returns the CSR.  </p> </div> <div class="refsect1 examples">  <h3 class="title">Examples</h3>  <p class="para">   <div class="example">    <p><b>Example #1 Creating a self-signed-certificate</b></p>    <div class="example-contents"><div class="phpcode"><code><span style="color: #000000"><span style="color: #0000BB">&lt;?php<br /></span><span style="color: #FF8000">//&nbsp;Fill&nbsp;in&nbsp;data&nbsp;for&nbsp;the&nbsp;distinguished&nbsp;name&nbsp;to&nbsp;be&nbsp;used&nbsp;in&nbsp;the&nbsp;cert<br />//&nbsp;You&nbsp;must&nbsp;change&nbsp;the&nbsp;values&nbsp;of&nbsp;these&nbsp;keys&nbsp;to&nbsp;match&nbsp;your&nbsp;name&nbsp;and<br />//&nbsp;company,&nbsp;or&nbsp;more&nbsp;precisely,&nbsp;the&nbsp;name&nbsp;and&nbsp;company&nbsp;of&nbsp;the&nbsp;person/site<br />//&nbsp;that&nbsp;you&nbsp;are&nbsp;generating&nbsp;the&nbsp;certificate&nbsp;for.<br />//&nbsp;For&nbsp;SSL&nbsp;certificates,&nbsp;the&nbsp;commonName&nbsp;is&nbsp;usually&nbsp;the&nbsp;domain&nbsp;name&nbsp;of<br />//&nbsp;that&nbsp;will&nbsp;be&nbsp;using&nbsp;the&nbsp;certificate,&nbsp;but&nbsp;for&nbsp;S/MIME&nbsp;certificates,<br />//&nbsp;the&nbsp;commonName&nbsp;will&nbsp;be&nbsp;the&nbsp;name&nbsp;of&nbsp;the&nbsp;individual&nbsp;who&nbsp;will&nbsp;use&nbsp;the<br />//&nbsp;certificate.<br /></span><span style="color: #0000BB">$dn&nbsp;</span><span style="color: #007700">=&nbsp;array(<br />&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #DD0000">"countryName"&nbsp;</span><span style="color: #007700">=&gt;&nbsp;</span><span style="color: #DD0000">"UK"</span><span style="color: #007700">,<br />&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #DD0000">"stateOrProvinceName"&nbsp;</span><span style="color: #007700">=&gt;&nbsp;</span><span style="color: #DD0000">"Somerset"</span><span style="color: #007700">,<br />&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #DD0000">"localityName"&nbsp;</span><span style="color: #007700">=&gt;&nbsp;</span><span style="color: #DD0000">"Glastonbury"</span><span style="color: #007700">,<br />&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #DD0000">"organizationName"&nbsp;</span><span style="color: #007700">=&gt;&nbsp;</span><span style="color: #DD0000">"The&nbsp;Brain&nbsp;Room&nbsp;Limited"</span><span style="color: #007700">,<br />&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #DD0000">"organizationalUnitName"&nbsp;</span><span style="color: #007700">=&gt;&nbsp;</span><span style="color: #DD0000">"PHP&nbsp;Documentation&nbsp;Team"</span><span style="color: #007700">,<br />&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #DD0000">"commonName"&nbsp;</span><span style="color: #007700">=&gt;&nbsp;</span><span style="color: #DD0000">"Wez&nbsp;Furlong"</span><span style="color: #007700">,<br />&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #DD0000">"emailAddress"&nbsp;</span><span style="color: #007700">=&gt;&nbsp;</span><span style="color: #DD0000">"wez@example.com"<br /></span><span style="color: #007700">);<br /><br /></span><span style="color: #FF8000">//&nbsp;Generate&nbsp;a&nbsp;new&nbsp;private&nbsp;(and&nbsp;public)&nbsp;key&nbsp;pair<br /></span><span style="color: #0000BB">$privkey&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_pkey_new</span><span style="color: #007700">();<br /><br /></span><span style="color: #FF8000">//&nbsp;Generate&nbsp;a&nbsp;certificate&nbsp;signing&nbsp;request<br /></span><span style="color: #0000BB">$csr&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_csr_new</span><span style="color: #007700">(</span><span style="color: #0000BB">$dn</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$privkey</span><span style="color: #007700">);<br /><br /></span><span style="color: #FF8000">//&nbsp;You&nbsp;will&nbsp;usually&nbsp;want&nbsp;to&nbsp;create&nbsp;a&nbsp;self-signed&nbsp;certificate&nbsp;at&nbsp;this<br />//&nbsp;point&nbsp;until&nbsp;your&nbsp;CA&nbsp;fulfills&nbsp;your&nbsp;request.<br />//&nbsp;This&nbsp;creates&nbsp;a&nbsp;self-signed&nbsp;cert&nbsp;that&nbsp;is&nbsp;valid&nbsp;for&nbsp;365&nbsp;days<br /></span><span style="color: #0000BB">$sscert&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_csr_sign</span><span style="color: #007700">(</span><span style="color: #0000BB">$csr</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">null</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$privkey</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">365</span><span style="color: #007700">);<br /><br /></span><span style="color: #FF8000">//&nbsp;Now&nbsp;you&nbsp;will&nbsp;want&nbsp;to&nbsp;preserve&nbsp;your&nbsp;private&nbsp;key,&nbsp;CSR&nbsp;and&nbsp;self-signed<br />//&nbsp;cert&nbsp;so&nbsp;that&nbsp;they&nbsp;can&nbsp;be&nbsp;installed&nbsp;into&nbsp;your&nbsp;web&nbsp;server,&nbsp;mail&nbsp;server<br />//&nbsp;or&nbsp;mail&nbsp;client&nbsp;(depending&nbsp;on&nbsp;the&nbsp;intended&nbsp;use&nbsp;of&nbsp;the&nbsp;certificate).<br />//&nbsp;This&nbsp;example&nbsp;shows&nbsp;how&nbsp;to&nbsp;get&nbsp;those&nbsp;things&nbsp;into&nbsp;variables,&nbsp;but&nbsp;you<br />//&nbsp;can&nbsp;also&nbsp;store&nbsp;them&nbsp;directly&nbsp;into&nbsp;files.<br />//&nbsp;Typically,&nbsp;you&nbsp;will&nbsp;send&nbsp;the&nbsp;CSR&nbsp;on&nbsp;to&nbsp;your&nbsp;CA&nbsp;who&nbsp;will&nbsp;then&nbsp;issue<br />//&nbsp;you&nbsp;with&nbsp;the&nbsp;"real"&nbsp;certificate.<br /></span><span style="color: #0000BB">openssl_csr_export</span><span style="color: #007700">(</span><span style="color: #0000BB">$csr</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$csrout</span><span style="color: #007700">)&nbsp;and&nbsp;</span><span style="color: #0000BB">var_dump</span><span style="color: #007700">(</span><span style="color: #0000BB">$csrout</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">openssl_x509_export</span><span style="color: #007700">(</span><span style="color: #0000BB">$sscert</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$certout</span><span style="color: #007700">)&nbsp;and&nbsp;</span><span style="color: #0000BB">var_dump</span><span style="color: #007700">(</span><span style="color: #0000BB">$certout</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">openssl_pkey_export</span><span style="color: #007700">(</span><span style="color: #0000BB">$privkey</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$pkeyout</span><span style="color: #007700">,&nbsp;</span><span style="color: #DD0000">"mypassword"</span><span style="color: #007700">)&nbsp;and&nbsp;</span><span style="color: #0000BB">var_dump</span><span style="color: #007700">(</span><span style="color: #0000BB">$pkeyout</span><span style="color: #007700">);<br /><br /></span><span style="color: #FF8000">//&nbsp;Show&nbsp;any&nbsp;errors&nbsp;that&nbsp;occurred&nbsp;here<br /></span><span style="color: #007700">while&nbsp;((</span><span style="color: #0000BB">$e&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_error_string</span><span style="color: #007700">())&nbsp;!==&nbsp;</span><span style="color: #0000BB">false</span><span style="color: #007700">)&nbsp;{<br />&nbsp;&nbsp;&nbsp;&nbsp;echo&nbsp;</span><span style="color: #0000BB">$e&nbsp;</span><span style="color: #007700">.&nbsp;</span><span style="color: #DD0000">"\n"</span><span style="color: #007700">;<br />}<br /></span><span style="color: #0000BB">?&gt;</span></span></code></div>    </div>   </div>  </p> </div></div><hr /><div style="text-align: center;"> <div class="prev" style="text-align: left; float: left;"><a href="function.openssl-csr-get-subject.html">openssl_csr_get_subject</a></div> <div class="next" style="text-align: right; float: right;"><a href="function.openssl-csr-sign.html">openssl_csr_sign</a></div> <div class="up"><a href="ref.openssl.html">OpenSSL Functions</a></div> <div class="home"><a href="index.html">PHP Manual</a></div></div></body></html>
上一页 12
💿 文件大小 3633 K
👤 上传用户 fengkuangyidao
📂 所属分类文章/文档
🏷️ 相关标签

#php #PHP #文档 #实际应用
⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -