PHP-openssl公钥大小
我正在按照手册创建一个.pem证书,并且我正在使用PHP openssl类来创建它。最终证书必须与手册中的证书相同。我几乎什么都有,但有一件事我就是不明白,也许是因为我做事方式不对。以下是手册中的结果:PHP-openssl公钥大小,php,openssl,php-openssl,openssl-engine,Php,Openssl,Php Openssl,Openssl Engine,我正在按照手册创建一个.pem证书,并且我正在使用PHP openssl类来创建它。最终证书必须与手册中的证书相同。我几乎什么都有,但有一件事我就是不明白,也许是因为我做事方式不对。以下是手册中的结果: Issuer: O=example.com, OU=example.com CN=.cc-admin/dnQualifier=1sfCakNi3x6UPCYmogMrITuPMos= 我的代码: $private_key = openssl_pkey_new(array(
Issuer: O=example.com, OU=example.com CN=.cc-admin/dnQualifier=1sfCakNi3x6UPCYmogMrITuPMos=
我的代码:
$private_key = openssl_pkey_new(array(
"private_key_bits" => 2048,
"private_key_type" => OPENSSL_KEYTYPE_RSA,
));
$public = openssl_pkey_get_details(openssl_pkey_get_private($private_key))['key'];
$pk = base64_encode($public);
$dn = array(
"organizationName" => "myorg.com",
"organizationalUnitName" => "myorg.com",
"commonName" => "myorg",
"dnQualifier" => $pk
);
// Generate a certificate signing request
$csr = openssl_csr_new($dn, $privkey, array('digest_alg' => 'sha256','config'=>'customssl.cnf'));
// Generate self-signed EC cert
$x509 = openssl_csr_sign($csr , null, $private_key, $days=365, array('digest_alg' => 'sha256','config'=>'customssl.cnf'),mt_rand(00000,99999));
openssl_x509_export_to_file($x509, 'cert.pem');
openssl_pkey_export_to_file($private_key, 'private.pem');
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69005 (0x10d8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: O=myorg.com, OU=myorg.com, CN=myorg/dnQualifier=LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlHZk1BMEdDU3FHU0liM0RRRUJBUVVBQTRHTkFEQ0JpUUtCZ1FEWmd6THVJMXdQSFgzemFnV2VCTVpGbmswSApEMHNKUGI1U3NMY
我的结果:
$private_key = openssl_pkey_new(array(
"private_key_bits" => 2048,
"private_key_type" => OPENSSL_KEYTYPE_RSA,
));
$public = openssl_pkey_get_details(openssl_pkey_get_private($private_key))['key'];
$pk = base64_encode($public);
$dn = array(
"organizationName" => "myorg.com",
"organizationalUnitName" => "myorg.com",
"commonName" => "myorg",
"dnQualifier" => $pk
);
// Generate a certificate signing request
$csr = openssl_csr_new($dn, $privkey, array('digest_alg' => 'sha256','config'=>'customssl.cnf'));
// Generate self-signed EC cert
$x509 = openssl_csr_sign($csr , null, $private_key, $days=365, array('digest_alg' => 'sha256','config'=>'customssl.cnf'),mt_rand(00000,99999));
openssl_x509_export_to_file($x509, 'cert.pem');
openssl_pkey_export_to_file($private_key, 'private.pem');
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69005 (0x10d8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: O=myorg.com, OU=myorg.com, CN=myorg/dnQualifier=LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlHZk1BMEdDU3FHU0liM0RRRUJBUVVBQTRHTkFEQ0JpUUtCZ1FEWmd6THVJMXdQSFgzemFnV2VCTVpGbmswSApEMHNKUGI1U3NMY
等等……等等。。dnQualifier中还有两行散列
你可以看到,dnQualifier中的散列与手册中的散列非常不同……我做错了什么?有人吗
谢谢你的时间,问候