How to create a digital certificate and export to .p12 file in PHP?
I want the .p12 file to have private key included. And also want to check whether the key pair is already issued (logged in database).
I found a function called 'openssl_pkcs12_export_to_file' but don't know where to start. Seems that I need an X509 cert and a private key first.
<?php
error_reporting(-1);
function dump($Var) {
echo "<hr/><pre>";
var_dump($Var);
echo "</pre><hr/>";
}
function check_errors() {
echo "<hr/><pre>";
$Count = 0;
while (($e=openssl_error_string())!==false) {
echo $e."<br>";
$Count++;
}
if ($Count==0)
echo "No error";
echo "</pre><hr/>";
}
$Configs = array(
"config" => "e:/progetti/php/openssl/openssl.cfg",
"digest_alg" => "sha1",
"x509_extensions" => "v3_ca",
"req_extensions" => "v3_req",
"private_key_bits" => 1024,
"private_key_type" => OPENSSL_KEYTYPE_RSA,
"encrypt_key" => true,
"encrypt_key_cipher" => OPENSSL_CIPHER_3DES
);
$Info = array(
"countryName" => "VN",
"stateOrProvinceName" => "Hanoi",
"localityName" => "Long Bien",
"organizationName" => "Test Company",
"organizationalUnitName" => "Test Department",
"commonName" => "Tester",
"emailAddress" => "test@gmail.com"
);
$Private_Key = null;
$Unsigned_Cert = openssl_csr_new($Info,$Private_Key,$Configs);
check_errors();
dump($Private_Key);
dump($Unsigned_Cert);
$Signed_Cert = openssl_csr_sign($Unsigned_Cert,null,$Private_Key,365,$Configs);
check_errors();
dump($Signed_Cert);
openssl_pkcs12_export_to_file($Signed_Cert,"test.p12",$Private_Key,"123456");
check_errors();
Creating a self-signed-certificate:
<?php
$dn = array(
"countryName" => "UK",
"stateOrProvinceName" => "Somerset",
"localityName" => "Glastonbury",
"organizationName" => "The Brain Room Limited",
"organizationalUnitName" => "PHP Documentation Team",
"commonName" => "Wez Furlong",
"emailAddress" => "wez@example.com"
);
$privkey = openssl_pkey_new();
$csr = openssl_csr_new($dn, $privkey);
$sscert = openssl_csr_sign($csr, null, $privkey, 365);
openssl_csr_export($csr, $csrout) and var_dump($csrout);
openssl_x509_export($sscert, $certout) and var_dump($certout);
openssl_pkey_export($privkey, $pkeyout, "mypassword") and var_dump($pkeyout);
// Show any errors that occurred here
while (($e = openssl_error_string()) !== false) {
echo $e . "\n";
}
?>
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 该账号已被封号 的文章《How to create a digital certificate and export to 》','https://www.manongdao.com/article-256804.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}