Fatal编程技术网
  • php/
  • PHP-openssl公钥大小

PHP-openssl公钥大小

php openssl

PHP-openssl公钥大小,php,openssl,php-openssl,openssl-engine,Php,Openssl,Php Openssl,Openssl Engine,我正在按照手册创建一个.pem证书,并且我正在使用PHP openssl类来创建它。最终证书必须与手册中的证书相同。我几乎什么都有,但有一件事我就是不明白,也许是因为我做事方式不对。以下是手册中的结果: Issuer: O=example.com, OU=example.com CN=.cc-admin/dnQualifier=1sfCakNi3x6UPCYmogMrITuPMos= 我的代码: $private_key = openssl_pkey_new(array(

我正在按照手册创建一个.pem证书,并且我正在使用PHP openssl类来创建它。最终证书必须与手册中的证书相同。我几乎什么都有,但有一件事我就是不明白,也许是因为我做事方式不对。以下是手册中的结果:

Issuer: O=example.com, OU=example.com CN=.cc-admin/dnQualifier=1sfCakNi3x6UPCYmogMrITuPMos=

我的代码:

$private_key = openssl_pkey_new(array(
            "private_key_bits" => 2048,
            "private_key_type" => OPENSSL_KEYTYPE_RSA,
        ));

        $public = openssl_pkey_get_details(openssl_pkey_get_private($private_key))['key'];
        $pk = base64_encode($public);

        $dn = array(
            "organizationName" => "myorg.com",
            "organizationalUnitName" => "myorg.com",
            "commonName" => "myorg",
            "dnQualifier" => $pk
        );

        // Generate a certificate signing request
        $csr = openssl_csr_new($dn, $privkey, array('digest_alg' => 'sha256','config'=>'customssl.cnf'));

        // Generate self-signed EC cert
        $x509 = openssl_csr_sign($csr , null, $private_key, $days=365, array('digest_alg' => 'sha256','config'=>'customssl.cnf'),mt_rand(00000,99999));
        openssl_x509_export_to_file($x509, 'cert.pem');
        openssl_pkey_export_to_file($private_key, 'private.pem');

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 69005 (0x10d8d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: O=myorg.com, OU=myorg.com, CN=myorg/dnQualifier=LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlHZk1BMEdDU3FHU0liM0RRRUJBUVVBQTRHTkFEQ0JpUUtCZ1FEWmd6THVJMXdQSFgzemFnV2VCTVpGbmswSApEMHNKUGI1U3NMY
我的结果:

$private_key = openssl_pkey_new(array(
            "private_key_bits" => 2048,
            "private_key_type" => OPENSSL_KEYTYPE_RSA,
        ));

        $public = openssl_pkey_get_details(openssl_pkey_get_private($private_key))['key'];
        $pk = base64_encode($public);

        $dn = array(
            "organizationName" => "myorg.com",
            "organizationalUnitName" => "myorg.com",
            "commonName" => "myorg",
            "dnQualifier" => $pk
        );

        // Generate a certificate signing request
        $csr = openssl_csr_new($dn, $privkey, array('digest_alg' => 'sha256','config'=>'customssl.cnf'));

        // Generate self-signed EC cert
        $x509 = openssl_csr_sign($csr , null, $private_key, $days=365, array('digest_alg' => 'sha256','config'=>'customssl.cnf'),mt_rand(00000,99999));
        openssl_x509_export_to_file($x509, 'cert.pem');
        openssl_pkey_export_to_file($private_key, 'private.pem');

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 69005 (0x10d8d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: O=myorg.com, OU=myorg.com, CN=myorg/dnQualifier=LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlHZk1BMEdDU3FHU0liM0RRRUJBUVVBQTRHTkFEQ0JpUUtCZ1FEWmd6THVJMXdQSFgzemFnV2VCTVpGbmswSApEMHNKUGI1U3NMY
等等……等等。。dnQualifier中还有两行散列

你可以看到,dnQualifier中的散列与手册中的散列非常不同……我做错了什么?有人吗

谢谢你的时间,问候