使用openssl函数时,Apache服务器(xampp)崩溃
我正试图用php生成一个私钥/公钥对 服务器:Apache/2.4.3(Win32)OpenSSL/1.0.1c PHP/5.4.7 操作系统是安装了所有Windows更新的Windows XP SP3 我正在尝试执行以下脚本:使用openssl函数时,Apache服务器(xampp)崩溃,apache,crash,openssl,Apache,Crash,Openssl,我正试图用php生成一个私钥/公钥对 服务器:Apache/2.4.3(Win32)OpenSSL/1.0.1c PHP/5.4.7 操作系统是安装了所有Windows更新的Windows XP SP3 我正在尝试执行以下脚本: <?php $ssl_path = getcwd(); $ssl_path = preg_replace('/\\\/','/', $ssl_path); // Replace \ with / $config = array( 'config'
<?php
$ssl_path = getcwd();
$ssl_path = preg_replace('/\\\/','/', $ssl_path); // Replace \ with /
$config = array(
'config' => "$ssl_path/openssl.cnf",
'private_key_bits' => 1024,
'private_key_type' => OPENSSL_KEYTYPE_RSA
);
$dn = array(
"countryName" => "AT",
"stateOrProvinceName" => "Vienna",
"localityName" => "Cambs",
"organizationName" => "UniServer",
"organizationalUnitName" => "Demo",
"commonName" => "localhost",
"emailAddress" => "me@example.com"
);
$privateKey = openssl_pkey_new($config);
$csr = openssl_csr_new($dn, $privateKey, $config);
$sscert = openssl_csr_sign($csr, NULL, $privateKey, 365, $config);
openssl_pkey_export_to_file($privateKey, "C:/server.key", NULL, $config);
openssl_x509_export_to_file($sscert, "C:/server.crt", FALSE);
openssl_csr_export_to_file($csr, "C:/server.csr");
$keyDetails = openssl_pkey_get_details($privateKey);
file_put_contents('C:/public.key', $keyDetails['key']);
?>
非常感谢 根据我的经验,openssl_pkey_get_details()需要X.509证书才能获取公钥,而不是私钥(不管文档怎么说) 这一切可能更容易处理。例如:
我忘了添加;使apache崩溃的函数是openssl_pkey_get_details()
#######################################################################
# File name: openssl.cnf
# Created By: The Uniform Server Development Team
########################################################################
#
# OpenSSL configuration file.
#
# Establish working directory.
dir = .
[ req ]
default_bits = 1024
default_md = sha1
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
x509_extensions = v3_ca
string_mask = nombstr
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_min = 2
countryName_max = 2
stateOrProvinceName = State or Province Name (full name)
localityName = Locality Name (eg, city)
0.organizationName = Organization Name (eg, company)
organizationalUnitName = Organizational Unit Name (eg, section)
commonName = Common Name (eg, YOUR fqdn)
commonName_max = 64
emailAddress = Email Address
emailAddress_max = 64
[ ssl_server ]
basicConstraints = CA:FALSE
nsCertType = server
keyUsage = digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth, nsSGC, msSGC
nsComment = "OpenSSL Certificate for SSL Web Server"
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
[ v3_ca ]
basicConstraints = critical, CA:true, pathlen:0
nsCertType = sslCA
keyUsage = cRLSign, keyCertSign
extendedKeyUsage = serverAuth, clientAuth
nsComment = "OpenSSL CA Certificate"
<?php
include('File/X509.php');
include('Crypt/RSA.php');
// create private key / x.509 cert for stunnel / website
$privKey = new Crypt_RSA();
extract($privKey->createKey());
$privKey->loadKey($privatekey);
$pubKey = new Crypt_RSA();
$pubKey->loadKey($publickey);
$pubKey->setPublicKey();
$subject = new File_X509();
$subject->setDN(array(
"countryName" => "AT",
"stateOrProvinceName" => "Vienna",
"localityName" => "Cambs",
"organizationName" => "UniServer",
"organizationalUnitName" => "Demo",
"commonName" => "localhost",
"emailAddress" => "me@example.com"
));
$subject->setPublicKey($pubKey);
$issuer = new File_X509();
$issuer->setPrivateKey($privKey);
$issuer->setDN($subject->getDN());
$x509 = new File_X509();
$result = $x509->sign($issuer, $subject);
$csr = $issuer->signCSR();
$csr = $x509->saveCSR($csr);
file_put_contents("C:/server.key", $privKey->getPrivateKey());
file_put_contents("C:/server.crt", $x509->saveX509($result));
file_put_contents('C:/public.key', $privKey->getPublicKey());
file_put_contents("C:/server.csr", $csr);
?>