如何在PHP中创建数字证书并导出到.p12文件?

2022-09-16 08:51:16

如何在PHP中创建数字证书并导出到.p12文件?

我希望.p12文件包含私钥.并且还想检查密钥对是否已经发布(登录数据库).

我找到了一个名为’openssl_pkcs12_export_to_file’的函数,但不知道从哪里开始.似乎我首先需要X509证书和私钥.

解决方法:

<?php
error_reporting(-1);

function dump($Var) {
  echo "<hr/><pre>";
  var_dump($Var);
  echo "</pre><hr/>";
}

function check_errors() {
  echo "<hr/><pre>";
  $Count = 0;
  while (($e=openssl_error_string())!==false) {
    echo $e."<br>";
    $Count++;
  }
  if ($Count==0)
    echo "No error";
  echo "</pre><hr/>";
}

$Configs = array(
  "config" => "e:/progetti/php/openssl/openssl.cfg",
  "digest_alg" => "sha1",
  "x509_extensions" => "v3_ca",
  "req_extensions" => "v3_req",
  "private_key_bits" => 1024,
  "private_key_type" => OPENSSL_KEYTYPE_RSA,
  "encrypt_key" => true,
  "encrypt_key_cipher" => OPENSSL_CIPHER_3DES 
);
$Info = array(
  "countryName" => "VN",
  "stateOrProvinceName" => "Hanoi",
  "localityName" => "Long Bien",
  "organizationName" => "Test Company",
  "organizationalUnitName" => "Test Department",
  "commonName" => "Tester",
  "emailAddress" => "test@gmail.com"
);

$Private_Key = null;
$Unsigned_Cert = openssl_csr_new($Info,$Private_Key,$Configs);
check_errors();
dump($Private_Key);
dump($Unsigned_Cert);

$Signed_Cert = openssl_csr_sign($Unsigned_Cert,null,$Private_Key,365,$Configs);
check_errors();
dump($Signed_Cert);

openssl_pkcs12_export_to_file($Signed_Cert,"test.p12",$Private_Key,"123456");
check_errors();
上一篇:使用mongo-java-driver使用x509证书对MongoDB v2.6进行身份验证时遇到问题


下一篇:Spring安全性使用X.509身份验证并定期更新授权用户详细信息