2015年5月1日 星期五

利用PHP 和 openssl 建立自簽根憑證


 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>建立自簽根憑證</title>
</head>
<body>
123
<?php
// CA憑證的辨識名稱(DN, Distinguished Name)
$dn = array(
    "countryName" => "TW",
    "stateOrProvinceName" => "Taiwan",
    "localityName" => "Taichung",
    "organizationName" => "ABC Corporation",
    "organizationalUnitName" => "CA",
    "commonName" => "ABC CA",
    "emailAddress" => "ca@abc.com.tw");
echo "CA憑證的辨識名稱" ;

// 產生私密金鑰(包含公開金鑰)
$configs = array(
    "private_key_bits" => 2048 ,
    "private_key_type" => OPENSSL_KEYTYPE_RSA );
echo "產生私密金鑰(包含公開金鑰)" ;


$privatekey = openssl_pkey_new($configs);
// 產生CSR
$csr = openssl_csr_new($dn, $privatekey);
// 產生自簽憑證
$configs = array(
                   "x509_extensions" => "v3_ca" ,
                   "digest_alg" => "sha1");
$cert = openssl_csr_sign($csr, null, $privatekey, 3650, $configs);


echo "產生自簽憑證" ;
openssl_csr_export_to_file( $csr , "cacsr.pem" );
openssl_x509_export_to_file( $cert , "cacert.cer" );
openssl_pkey_export_to_file( $privatekey , "cakey.pem" , "ca_pw" );

?>
</body>
</html>

沒有留言:

張貼留言

聲寶卡式濾心頭蓋

 https://www.ruten.com.tw/item/show?22027794089976 在這裡買的接頭 https://www.ruten.com.tw/item/show?21814839221595 【品名】台製優質濾心頭蓋 (適用3M、EVERPURE濾心)功...