Beispiel #1
0
 /**
  * Create a CSR for an authority that can issue CRLs.
  *
  * @param array $keyPair
  * @param string $dn
  * @return string
  *   PEM-encoded CSR.
  */
 public static function createCrlDistCSR($keyPair, $dn)
 {
     $privKey = new \Crypt_RSA();
     $privKey->loadKey($keyPair['privatekey']);
     $pubKey = new \Crypt_RSA();
     $pubKey->loadKey($keyPair['publickey']);
     $pubKey->setPublicKey();
     $csr = new \File_X509();
     $csr->setPrivateKey($privKey);
     $csr->setPublicKey($pubKey);
     $csr->setDN($dn);
     $csr->loadCSR($csr->saveCSR($csr->signCSR(Constants::CERT_SIGNATURE_ALGORITHM)));
     $csr->setExtension('id-ce-keyUsage', array('cRLSign'));
     $csrData = $csr->signCSR(Constants::CERT_SIGNATURE_ALGORITHM);
     return $csr->saveCSR($csrData);
 }