You must also use the string representation of the certificate to get the public key resource:
$dn = array(); // use defaults
$res_privkey = openssl_pkey_new();
$res_csr = openssl_csr_new($dn, $res_privkey);
$res_cert = openssl_csr_sign($res_csr, null, $res_privkey, $ndays);
openssl_x509_export($res_cert, $str_cert);
$res_pubkey = openssl_pkey_get_public($str_cert);
openssl_pkey_get_public
(PHP 4 >= 4.2.0, PHP 5)
openssl_pkey_get_public -- Extract public key from certificate and prepare it for useDescription
resource openssl_pkey_get_public ( mixed certificate )Returns a positive key resource identifier on success, or FALSE on error.
openssl_get_publickey() extracts the public key from certificate and prepares it for use by other functions. certificate can be one of the following:
an X.509 certificate resource
a string having the format file://path/to/file.pem. The named file must contain a PEM encoded certificate/private key (it may contain both).
A PEM formatted private key.
add a note
User Contributed Notes
dankybastard at hotmail
10-Feb-2005 12:52
10-Feb-2005 12:52
10-Aug-2004 02:44
This documentation notes it can take a PEM-formatted private key, but as per bug #25614, this is not possible in any form. The function simply returns a FALSE.
The only thing you can get public keys out of are X.509 certificates.
Furthermore, there is NO way to export a public key into a PEM-encoded form.