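/**
 * Queue consumer callback: handle one certificate request.
 *
 * The body is expected to be a JSON object carrying an "action" of
 * "create" or "renew" and an "infos" array whose "domain" entry names the
 * virtual host the certificate is for.
 *
 * Acknowledgement policy:
 *  - bodies that do not decode to an array, and actions other than
 *    create/renew, are left unacknowledged (same as the original flow);
 *  - every create/renew message is acknowledged once it has been handled,
 *    whether or not a certificate was produced.
 *
 * A create/renew request that names no domain, or a domain for which no
 * vhost object is returned, is logged and acknowledged without calling
 * create_cert(): the vhost lookup is the only visible check that the
 * requested name belongs to this platform, so issuance must not proceed
 * without it.
 *
 * @param \PhpAmqpLib\Message\AMQPMessage $msg
 */
function process_message($msg)
{
    // The body comes off the queue and nothing here guarantees its shape,
    // so each field is checked before it is dereferenced.
    $content = json_decode($msg->body, true);
    if (!is_array($content)) {
        return;
    }

    $action = $content['action'] ?? null;
    if ($action !== 'create' && $action !== 'renew') {
        return;
    }

    $channel = $msg->delivery_info['channel'];
    $deliveryTag = $msg->delivery_info['delivery_tag'];

    $infos = $content['infos'] ?? null;
    $domain = is_array($infos) ? ($infos['domain'] ?? null) : null;
    if (!is_string($domain) || $domain === '') {
        // $action is one of two literals here, so it is safe to log as-is.
        error_log("process_message: {$action} request without a usable domain, dropped");
        $channel->basic_ack($deliveryTag);
        return;
    }

    $db = new VHFFS();
    $vh = $db->get_httpd_from_servername($domain);
    if (!is_object($vh)) {
        // No vhost record: without it there is no httpd_id to attach the
        // certificate state to and no evidence the name is hosted here.
        // The domain itself is not logged because it is unvalidated input.
        error_log("process_message: no vhost for requested domain, {$action} skipped");
        $channel->basic_ack($deliveryTag);
        return;
    }

    $vl = VHFFS_letsencrypt::get_from_httpd_id($vh->httpd_id);
    if (empty($vl)) {
        $vl = new VHFFS_letsencrypt($vh->httpd_id);
    }

    // NOTE(review): create_cert() is defined outside this block and receives
    // $infos unchanged; confirm it validates every entry before using it in
    // a path or a command line.
    $error = create_cert($infos, $action === 'renew');
    if (isset($error)) {
        $vl->cert_error($error);
    } else {
        $vl->cert_ok();
    }

    $channel->basic_ack($deliveryTag);
}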
// Tail of a function whose opening lines are outside this view; the
// statements below are kept exactly as found.
    // Read the data to decrypt from the file named by $file_contents.
    $contents = file_get_contents($file_contents);
    // Unpack the PKCS#12 bundle into $cert. The return value is not checked,
    // so a wrong password or a damaged bundle only shows up through the
    // error-queue dump below and through the later use of $cert['pkey'].
    openssl_pkcs12_read($pkcs12, $cert, $pass);
    // Drain the OpenSSL error queue and print every entry.
    while ($msg = openssl_error_string()) {
        echo $msg . "<br />\n";
    }
    // Decrypt with the private key taken from the bundle. No padding argument
    // is passed, so the extension's default applies; the return value is not
    // checked either, and success is judged only by the comparison that follows.
    openssl_private_decrypt($contents, $decrypted, $cert['pkey']);
    // $plain is defined outside this view; presumably the original plaintext.
    if ($plain === $decrypted) {
        echo "+Ok, decrypt succ!\n";
    } else {
        echo "-Err, decrypt fail!(" . __LINE__ . ")\n";
    }
}

// Prepare the working directory: create it if missing, otherwise empty it.
if (!is_dir($path)) {
    // NOTE(review): 0775 (before umask) leaves the directory group-writable
    // and world-readable. If create_ca()/create_cert() write private keys
    // here, which cannot be confirmed from this view, 0700 would be the
    // tighter choice.
    mkdir($path, 0775);
} else {
    // NOTE(review): $path is interpolated into a shell command without
    // escaping. That is only safe while $path is a fixed, trusted value with
    // no spaces or shell metacharacters; escapeshellarg() on the directory
    // part, or PHP's own filesystem functions, would avoid the shell. The
    // glob also skips dot-files, and $out/$ret are not inspected in the
    // visible code, so a failed clean-up goes unnoticed.
    exec("rm -fr {$path}/*", $out, $ret);
}

// Run the whole scenario in order; all five functions are defined elsewhere.
create_ca();
create_cert();
check_cert();
encrypt();
decrypt();

/*
 * Tests:
 * (1) CA certificate not expired, user certificate expired
 * (2) CA certificate expired, user certificate not expired
 *
 * Conclusions:
 * (1) If the CA certificate has expired, verification of the user certificate fails
 * (2) If the CA certificate is valid but the user certificate has expired, verification fails
 */