function createNewcertificate() { global $gbl, $login, $ghtml; $cerpath = "server.crt"; $keypath = "server.key"; $requestpath = "a.csr"; $ltemp["countryName"] = "IN"; $ltemp["stateOrProvinceName"] = "Bn"; $ltemp["localityName"] = "Bn"; $ltemp["organizationName"] = "LxCenter"; $ltemp["organizationalUnitName"] = "Kloxo"; $ltemp["commonName"] = "Kloxo"; $ltemp["emailAddress"] = "*****@*****.**"; $privkey = openssl_pkey_new(); openssl_pkey_export_to_file($privkey, $keypath); $csr = openssl_csr_new($ltemp, $privkey); openssl_csr_export_to_file($csr, $requestpath); $sscert = openssl_csr_sign($csr, null, $privkey, 365); openssl_x509_export_to_file($sscert, $cerpath); $src = getcwd(); $dest = '/usr/local/lxlabs/kloxo/ext/lxhttpd/conf'; root_execsys("lxfilesys_mkdir", $dest . "/ssl.crt/"); root_execsys("lxfilesys_mkdir", $dest . "/ssl.key/"); root_execsys("lxfilesys_mv", "{$src}/{$cerpath}", $dest . "/ssl.crt/" . $cerpath); root_execsys("lxfilesys_mv", "{$src}/{$keypath}", $dest . "/ssl.key/" . $cerpath); root_execsys("lxfilesys_mv", "{$src}/{$requestpath}", "{$dest}/{$requestpath}"); }
function test_openssl_csr_export_to_file() { $csr = openssl_csr_new(null, $ignore); VERIFY($csr != null); $tmp = tempnam('/tmp', 'vmopenssltest'); unlink($tmp); VS(file_get_contents($tmp), false); openssl_csr_export_to_file($csr, $tmp); VERIFY(strlen(file_get_contents($tmp)) > 400); unlink($tmp); }
/** * @param string $fileName * @param bool $verbose */ public function exportToFile(string $fileName, bool $verbose = false) { openssl_csr_export_to_file($this->getHandle(), $fileName, !$verbose); }
public function paypal_encrypt_wizard_step2() { access::verify_csrf(); $form = self::keyGenerationForm(); if (!$form->validate()) { self::paypal_encrypt_wizard_step1(); return; } $ssldir = str_replace('\\', '/', VARPATH . 'certificate'); $ssldir = rtrim($ssldir, '/') . '/'; if (!is_dir($ssldir)) { // Create the upload directory mkdir($ssldir, 0777, TRUE); } $prkeyfile = $ssldir . "myprvkey.pem"; $pubcertfile = $ssldir . "mypubcert.pem"; $certreqfile = $ssldir . "mycertreq.pem"; $dn = array("countryName" => $form->encrypt->countryName->value, "stateOrProvinceName" => $form->encrypt->stateOrProvinceName->value, "localityName" => $form->encrypt->localityName->value, "organizationName" => $form->encrypt->organizationName->value, "organizationalUnitName" => $form->encrypt->organizationalUnitName->value, "commonName" => $form->encrypt->commonName->value, "emailAddress" => $form->encrypt->emailAddress->value); $privkeypass = $form->encrypt->privKeyPass->value; $numberofdays = 365; $config = array("private_key_bits" => 1024); $privkey = openssl_pkey_new($config); $csr = openssl_csr_new($dn, $privkey); $sscert = openssl_csr_sign($csr, null, $privkey, $numberofdays); openssl_x509_export($sscert, $publickey); openssl_pkey_export($privkey, $privatekey, $privkeypass); openssl_csr_export($csr, $csrStr); openssl_x509_export_to_file($sscert, $pubcertfile); openssl_pkey_export_to_file($privkey, $prkeyfile, $privkeypass); openssl_csr_export_to_file($csr, $certreqfile); //echo "Your Public Certificate has been saved to " . $pubcertfile . "<br><br>"; //echo "Your Private Key has been saved to " . $prkeyfile . "<br><br>"; //echo "Your Certificate Request has been saved to " . $certreqfile . "<br><br>"; //echo $privatekey; // Will hold the exported PriKey //echo $publickey; // Will hold the exported PubKey //echo $csrStr; // Will hold the exported Certificate }
// Generate a new private (and public) key pair $privkey = openssl_pkey_new($SSLcnf); // Generate a certificate signing request $csr = openssl_csr_new($dn, $privkey, $SSLcnf); // You will usually want to create a self-signed certificate at this // point until your CA fulfills your request. // This creates a self-signed cert that is valid for 365 days $sscert = openssl_csr_sign($csr, null, $privkey, 365, $SSLcnf); // Now you will want to preserve your private key, CSR and self-signed // cert so that they can be installed into your web server, mail server // or mail client (depending on the intended use of the certificate). // This example shows how to get those things into variables, but you // can also store them directly into files. // Typically, you will send the CSR on to your CA who will then issue // you with the "real" certificate. //CERTIFICADO openssl_csr_export_to_file($csr, $fncert, false); //CERTIFICADO AUTO-ASSINADO openssl_x509_export_to_file($sscert, $fnsscert, false); //CHAVE PRIVADA (private.pem) openssl_pkey_export_to_file($privkey, $fnprivate, null, $SSLcnf); //CHAVE PÚBLICA (public.key) file_put_contents($fnpublic, openssl_pkey_get_details($privkey)['key']); /** * @todo Criar rotinas de interceptação de erros * */ // Show any errors that occurred here //while (($e = openssl_error_string()) !== false) { // echo "\n".$e."\n"; //}
function export_csr_to_file() { $this->clear_debug_buffer(); // Create empty csr file; $this->set_csr_file(); openssl_csr_export_to_file($this->csr, FILE_LOCATION . $this->csr_resource_file); $this->debug("export_csr_to_file"); }
private function genCsrCertFile() { openssl_csr_export_to_file($this->csrkey, $this->csrKeyFilename); }
/** * Takes the Certificate Signing Request represented * by $csr and saves it as ascii-armoured text into * the file named by $outfilename. * (PHP 4 >= 4.2.0, PHP 5) * * @param resource * @param string * @param bool * @return bool */ public final function saveCSRtoFile($csr, $outfilename, $notext = true) { if (!is_resource($csr)) { return false; } return openssl_csr_export_to_file($csr, $outfilename, $notext); }
$comN = stripslashes($_POST['commonName']); $on = stripslashes($_POST['organizationName']); $oun = stripslashes($_POST['organizationUnitName']); $mail = stripslashes($_POST['emailAdress']); $ln = stripslashes($_POST['localityName']); $sopn = stripslashes($_POST['stateOrProvinceName']); $cn = stripslashes($_POST['countryName']); if (isset($cn) && isset($sopn) && isset($ln) && isset($on) && isset($oun) && isset($comN) && isset($mail)) { //récupération des informations du certificat principal $CAcrt = "certificat.crt"; $CAkey = array("cles.txt", "monmot2passe"); // Assigne les valeurs du nom distingué à utiliser avec le certificat. $dn = array("countryName" => $cn, "stateOrProvinceName" => $sopn, "localityName" => $ln, "organizationName" => $on, "organizationalUnitName" => $oun, "commonName" => $comN, "emailAddress" => $mail); // Génère les clés privée et publique $privkey = openssl_pkey_new(); // Génère la requête de signature de certificat $csr = openssl_csr_new($dn, $privkey); // Cette commande crée une certificat signer par l'autorité supérieur valide 1 ans soit 365 jours $sscert = openssl_csr_sign($csr, $CAcrt, $CAkey, 365); // préserver la clé privée, la CSR et le certificat auto-signé, //de façon à ce qu'ils puissent être installés sur le site internet. // éléments dans des fichiers. // Typiquement, l'autorité de certification émettra un "vrai" certificat. openssl_csr_export_to_file($csr, "requeteSignaturePerso" . $comN . ".txt"); openssl_x509_export_to_file($sscert, "certificatPerso" . $comN . ".txt"); openssl_pkey_export_to_file($privkey, "clesPerso" . $comN . ".txt"); // Affiche les erreurs qui sont survenues while (($e = openssl_error_string()) !== false) { echo $e . "\n"; } }
public static function keygen(&$userid, $info = false) { $userid = !$userid ? config::$accountId : $userid; if (!$userid) { return false; } $dn = is_array($info) ? $info : array("countryName" => strtoupper(gio::input("Country code", "string")), "stateOrProvinceName" => strtoupper(gio::input("State code", "string")), "localityName" => gio::input("City", "string"), "organizationName" => gio::input("Your Name/Your Company Name in Full", "string"), "organizationalUnitName" => 'Digicoin', "commonName" => config::$bankId, "emailAddress" => gio::input("Contact Email Address", "string")); $privkeypass = config::$privateKeyPassword; if (!self::cryptoInstalled()) { gio::log("... Could not generate cryptographic keys for {$userid} ...", E_USER_ERROR); return false; } gio::log("Generating cryptographic keys for {$userid}...", VERBOSE); try { $privkey = @openssl_pkey_new(self::$keyOpts); $privateKey = ""; $csr = @openssl_csr_new($dn, $privkey, self::$keyOpts); if ($csr) { openssl_csr_export_to_file($csr, self::getcert($userid)); openssl_pkey_export($privkey, $privatekey, $privkeypass, self::$keyOpts); gio::savetofile($privatekey, self::getkey($userid, true), config::$privateKeyFileMode); gio::savetofile($userid, config::$accountIdFile); config::$accountId = $userid; } else { return false; } } catch (Exception $e) { gio::log("Error while generating cryptographic keys for {$userid}: " . $e->message, E_USER_ERROR); return false; } gio::log("... Done generating cryptographic keys for {$userid}", VERBOSE); return true; }
/** * Gera um no certificado * @param string $file Local do Arquivo. * @return object. */ public function generatePassword($file = 'certificate.crt') { $dn = []; if ($this->getStateOrProvinceName() !== false) { $dn['stateOrProvinceName'] = $this->getStateOrProvinceName(); } if ($this->getLocalityName() !== false) { $dn['localityName'] = $this->getLocalityName(); } if ($this->getOrganizationName() !== false) { $dn['organizationName'] = $this->getOrganizationName(); } if ($this->getCountryName() !== false) { $dn['countryName'] = $this->getCountryName(); } if ($this->getOrganizationalUnitName() !== false) { $dn['organizationalUnitName'] = $this->getOrganizationalUnitName(); } if ($this->getCommonName() !== false) { $dn['commonName'] = $this->getCommonName(); } if ($this->getEmailAddress() !== false) { $dn['emailAddress'] = $this->getEmailAddress(); } $private_key = openssl_pkey_new(); $csr = openssl_csr_new($dn, $private_key); openssl_csr_export_to_file($csr, DIR_ROOT . $file, true); openssl_csr_export_to_file($csr, DIR_ROOT . preg_replace('/(\\..*)$/', '-details$1', $file), false); openssl_csr_export($csr, $password); $this->password = $password; return $this; }