As you probably found, getting the public key is not as direct as you might think with this documentation.
You can easily get into messages like:
Warning: openssl_pkey_get_public(): Don't know how to get public key from this private key (the documentation lied) in D:\www\keys.php on line 4
The correct steps to get the whole thing seem to be these:
<?
$dn = array("countryName" => 'XX', "stateOrProvinceName" => 'State', "localityName" => 'SomewhereCity', "organizationName" => 'MySelf', "organizationalUnitName" => 'Whatever', "commonName" => 'mySelf', "emailAddress" => 'user@domain.com');
$privkeypass = '1234';
$numberofdays = 365;
$privkey = openssl_pkey_new();
$csr = openssl_csr_new($dn, $privkey);
$sscert = openssl_csr_sign($csr, null, $privkey, $numberofdays);
openssl_x509_export($sscert, $publickey);
openssl_pkey_export($privkey, $privatekey, $privkeypass);
openssl_csr_export($csr, $csrStr);
echo $privatekey; // Will hold the exported PriKey
echo $publickey; // Will hold the exported PubKey
echo $csrStr; // Will hold the exported Certificate
?>
Now all you need to do is to make some research on each individual function.
openssl_pkey_new
Description
resource openssl_pkey_new ( [array configargs] )openssl_pkey_new() generates a new private and public key pair. The public component of the key can be obtained using openssl_pkey_get_public(). You can finetune the key generation (such as specifying the number of bits) using configargs. See openssl_csr_new() for more information about configargs.
注: You need to have a valid openssl.cnf installed for this function to operate correctly. See the notes under the installation section for more information.
add a note
User Contributed Notes
NOSPAM dot alchaemist at hiperlinux dot com dot ar
30-May-2004 03:17
30-May-2004 03:17