php怎么写个csr在线生成

holinhot

1. <?php
   
2. // Fill in data for the distinguished name to be used in the cert
   
3. // You must change the values of these keys to match your name and
   
4. // company, or more precisely, the name and company of the person/site
   
5. // that you are generating the certificate for.
   
6. // For SSL certificates, the commonName is usually the domain name of
   
7. // that will be using the certificate, but for S/MIME certificates,
   
8. // the commonName will be the name of the individual who will use the
   
9. // certificate.
   
10. $dn = array(
    
11.     "countryName" => "CN",
    
12.     "stateOrProvinceName" => "Somerset",
    
13.     "localityName" => "Glastonbury",
    
14.     "organizationName" => "The Brain Room Limited",
    
15.     "organizationalUnitName" => "PHP Documentation Team",
    
16.     "commonName" => "qq.com",
    
17.     "emailAddress" => "wez@example.com"
    
18. );
    
19. 
    
20. $config = array(
    
21.    "digest_alg" => "sha1",
    
22.    "private_key_bits" => 2048,
    
23.    "private_key_type" => OPENSSL_KEYTYPE_DSA,
    
24.    "encrypt_key" => false,
    
25. );
    
26. // Generate a new private (and public) key pair
    
27. $privkey = openssl_pkey_new();
    
28. 
    
29. // Generate a certificate signing request
    
30. $csr = openssl_csr_new($dn, $privkey);
    
31. 
    
32. // You will usually want to create a self-signed certificate at this
    
33. // point until your CA fulfills your request.
    
34. // This creates a self-signed cert that is valid for 365 days
    
35. $sscert = openssl_csr_sign($csr, null, $privkey, 365);
    
36. 
    
37. // Now you will want to preserve your private key, CSR and self-signed
    
38. // cert so that they can be installed into your web server, mail server
    
39. // or mail client (depending on the intended use of the certificate).
    
40. // This example shows how to get those things into variables, but you
    
41. // can also store them directly into files.
    
42. // Typically, you will send the CSR on to your CA who will then issue
    
43. // you with the "real" certificate.
    
44. openssl_csr_export($csr, $csrout) and var_dump($csrout);
    
45. openssl_x509_export($sscert, $certout) and var_dump($certout);
    
46. openssl_pkey_export($privkey, $pkeyout, "mypassword") and var_dump($pkeyout);
    
47. 
    
48. // Show any errors that occurred here
    
49. while (($e = openssl_error_string()) !== false) {
    
50.     echo $e . "\n";
    
51. }
    
52. ?>
    
53. 
    
54. 
    
55. 
    
56. 
    

复制代码

怎么不行啊。说我的key加密不是2048bit
我不是指定了2048吗


还有神马方式
QQ图片20130605205726.jpg (49.66 KB, 下载次数: 15)

2013-6-5 20:49 上传

点击文件名下载附件

holinhot

27.$privkey = openssl_pkey_new();
27.$privkey = openssl_pkey_new($config);
没作用