#39956 [Bgs]: Verifying the signature of the certificate
ID: 39956 User updated by: bassijunior at yahoo dot com dot br Reported By: bassijunior at yahoo dot com dot br Status: Bogus Bug Type: Feature/Change Request Operating System: Windows XP PHP Version: 5.2.0 Assigned To: pajoye New Comment: Hi, Can you help me? How can I extract the signature value from the certificate X.509? Thanks Previous Comments: [2007-01-11 14:33:01] bassijunior at yahoo dot com dot br Ok. Thanks for the answer. Maybe, I have to use this function. But, how can extract the signature value from the certificate X.509? I already tried the openssl_x509_parse, but I didn't get the signature value. I have the certificate in the format .PEM, like this: -BEGIN CERTIFICATE- MIIDRDCCAq2gAwIBAgIERaJ12TANBgkqhkiG9w0BAQUFADB6MQswCQYDVQQGEwJC UjELMAkGA1UECBMCUkoxFzAVBgNVBAcTDlJpbyBkZSBKYW5laXJvMRwwGgYDVQQD FBNBR0MgLSBQcm9qZXRvX0ZpbmFsMScwJQYJKoZIhvcNAQkBFhhiYXNzaWp1bmlv ckB5YWhvby5jb20uYnIwHhcNMDcwMTA4MTY0ODI1WhcNMDgwMTA4MTY0ODI1WjCB 1DELMAkGA1UEBhMCQlIxCzAJBgNVBAgTAlJKMQ0wCwYDVQQHEwRSaW8gMRwwGgYD VQQDExNKb3NlIEFsYmVydG86MzI0MzQzMWUwYwYDVQRBE1xBcnF1aXZvOiBiYWNr MS5qcGcsIEhhc2g6IGRmNjVmZDFlOTcwM2Q2MTM1ZWU2NjNhNjlkZDA4NTJjYzZj MTU1ZjEsIElQIGRvIHVzdWFyaW86IDEyNy4wLjAuMTEkMCIGCSqGSIb3DQEJARYV YmFzc2lqdW5pb3JAZ21haWwuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB gQC+/l11fmU8ZsipmXA+oBKQml6dpHupANKOiR/NUynn3g3+TVeBi8LOu5zLz1V9 4Qj8STvzepoxsJ/uuIhieS9sPtu4Erg5Xi4QvEZPRCxzzTH6237z924sFK+RjiaA Oz7voL48y6+EWzdlX81fCUADsA1ps3AgTm2nICldPNWqhwIDAQABo3wwejAJBgNV HRMEAjAAMC0GCWCGSAGG+EIBDQQgFh5DZXJ0aWZpY2FkbyBmaW5hbCBwYXJhIHVz dWFyaW8wHQYDVR0OBBYEFHz+89um4yL1HYMzCJqVldQ9w4QnMB8GA1UdIwQYMBaA FLRXYeje0vAjbdOpIQmMW5EzaQEpMA0GCSqGSIb3DQEBBQUAA4GBAMffIowvU8K5 Q5xyNt7MyTpH/2GtO01bPlrXxEP8XJVHQS9UK7F4lRks6lSmN4yNrbmgiO94JbzM 6xdaH3EofROnMKT/A4SMbpUNNUDClC+DiSBWw3mN+3D2wzakLrCszXrqe21dO1fC 0JB5xjnKJjvZtdLD7/s87eCUNntaN81E -END CERTIFICATE- I need to verify a certificate X.509. Thanks! [2007-01-05 21:06:05] [EMAIL PROTECTED] "The openssl_verify function verifies a string." $cert = file_get_contents($pem_filename); ... $ok = openssl_verify($data, $signature, $cert); if ($ok)... assuming that $data and $signature are filled. But this is not a bug but a support question > bogus. [2007-01-05 19:18:50] bassijunior at yahoo dot com dot br Hi, Some news? I need a help. Thanks [2006-12-26 21:30:03] bassijunior at yahoo dot com dot br Description: Hi, I was developing a code that need some openssl functions. I was studying the openssl functions of PHP and I did not find nothing to verifying the signature of X.509 certificate. The openssl_verify function verifies a string. But, what can I do to verify the signature of a certificate, like this: -BEGIN CERTIFICATE- MIICxjCCAi+gAwIBAgIBADANBgkqhkiG9w0BAQQFADCBqDEPMA0GA1UEAxMGRk9S QklTMQswCQYDVQQGEwJMVDEQMA4GA1UEBxMHVklMTklVUzEQMA4GA1UECBMHVklM TklVUzEoMCYGA1UEChMfVVpEQVJPSkkgQUtDSU5FIEJFTkRST1ZFIEZPUkJJUzEU MBIGA1UECxMLSU5URUdSQVRJT04xJDAiBgkqhkiG9w0BCQEWFUwuSlVaSUtFTkFT QEZPUkJJUy5MVDAeFw0wNDAzMjIxNTE2MDNaFw0wNDA0MjExNTE2MDNaMIGoMQ8w DQYDVQQDEwZGT1JCSVMxCzAJBgNVBAYTAkxUMRAwDgYDVQQHEwdWSUxOSVVTMRAw DgYDVQQIEwdWSUxOSVVTMSgwJgYDVQQKEx9VWkRBUk9KSSBBS0NJTkUgQkVORFJP VkUgRk9SQklTMRQwEgYDVQQLEwtJTlRFR1JBVElPTjEkMCIGCSqGSIb3DQEJARYV TC5KVVpJS0VOQVNARk9SQklTLkxUMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB gQCrbyCkLdo1gfT3d5JjwrLYC8WAXNI50afTGx9+ncjfnONGtScsbwlQ5Qw55neH TUe1TbI/QJc8KZ7PU5/sJAVNpuJW9JEI0y1xX6egfVSWkDGv/GgSb2JebnD1+Nw2 fw8lU0v4F6/IjHU9FOfSTBAIN58g5FqTweAZg5BU7uN9XwIDAQABMA0GCSqGSIb3 DQEBBAUAA4GBACh8eFBJ/8p8f1t8TWlh6lX4hpGpyej0h+0BW45icxkpDplfGbFx 47OClHjzgROo6zFx7Axn5JC1IWPiiyylbSbahpyCpcasuQchErcXJ72ctq8nBXqV s7sPhlunemdfpFuZLBNFbw5xaUs+lt9tAZFi6EHnhjCFGilH4u5aRcta -END CERTIFICATE- I have the public key to verify it. But I do not Know how I use it. Thanks! -- Edit this bug report at http://bugs.php.net/?id=39956&edit=1
#39956 [Bgs]: Verifying the signature of the certificate
ID: 39956 User updated by: bassijunior at yahoo dot com dot br Reported By: bassijunior at yahoo dot com dot br Status: Bogus Bug Type: Feature/Change Request Operating System: Windows XP PHP Version: 5.2.0 Assigned To: pajoye New Comment: Ok. Thanks for the answer. Maybe, I have to use this function. But, how can extract the signature value from the certificate X.509? I already tried the openssl_x509_parse, but I didn't get the signature value. I have the certificate in the format .PEM, like this: -BEGIN CERTIFICATE- MIIDRDCCAq2gAwIBAgIERaJ12TANBgkqhkiG9w0BAQUFADB6MQswCQYDVQQGEwJC UjELMAkGA1UECBMCUkoxFzAVBgNVBAcTDlJpbyBkZSBKYW5laXJvMRwwGgYDVQQD FBNBR0MgLSBQcm9qZXRvX0ZpbmFsMScwJQYJKoZIhvcNAQkBFhhiYXNzaWp1bmlv ckB5YWhvby5jb20uYnIwHhcNMDcwMTA4MTY0ODI1WhcNMDgwMTA4MTY0ODI1WjCB 1DELMAkGA1UEBhMCQlIxCzAJBgNVBAgTAlJKMQ0wCwYDVQQHEwRSaW8gMRwwGgYD VQQDExNKb3NlIEFsYmVydG86MzI0MzQzMWUwYwYDVQRBE1xBcnF1aXZvOiBiYWNr MS5qcGcsIEhhc2g6IGRmNjVmZDFlOTcwM2Q2MTM1ZWU2NjNhNjlkZDA4NTJjYzZj MTU1ZjEsIElQIGRvIHVzdWFyaW86IDEyNy4wLjAuMTEkMCIGCSqGSIb3DQEJARYV YmFzc2lqdW5pb3JAZ21haWwuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB gQC+/l11fmU8ZsipmXA+oBKQml6dpHupANKOiR/NUynn3g3+TVeBi8LOu5zLz1V9 4Qj8STvzepoxsJ/uuIhieS9sPtu4Erg5Xi4QvEZPRCxzzTH6237z924sFK+RjiaA Oz7voL48y6+EWzdlX81fCUADsA1ps3AgTm2nICldPNWqhwIDAQABo3wwejAJBgNV HRMEAjAAMC0GCWCGSAGG+EIBDQQgFh5DZXJ0aWZpY2FkbyBmaW5hbCBwYXJhIHVz dWFyaW8wHQYDVR0OBBYEFHz+89um4yL1HYMzCJqVldQ9w4QnMB8GA1UdIwQYMBaA FLRXYeje0vAjbdOpIQmMW5EzaQEpMA0GCSqGSIb3DQEBBQUAA4GBAMffIowvU8K5 Q5xyNt7MyTpH/2GtO01bPlrXxEP8XJVHQS9UK7F4lRks6lSmN4yNrbmgiO94JbzM 6xdaH3EofROnMKT/A4SMbpUNNUDClC+DiSBWw3mN+3D2wzakLrCszXrqe21dO1fC 0JB5xjnKJjvZtdLD7/s87eCUNntaN81E -END CERTIFICATE- I need to verify a certificate X.509. Thanks! Previous Comments: [2007-01-05 21:06:05] [EMAIL PROTECTED] "The openssl_verify function verifies a string." $cert = file_get_contents($pem_filename); ... $ok = openssl_verify($data, $signature, $cert); if ($ok)... assuming that $data and $signature are filled. But this is not a bug but a support question > bogus. [2007-01-05 19:18:50] bassijunior at yahoo dot com dot br Hi, Some news? I need a help. Thanks [2006-12-26 21:30:03] bassijunior at yahoo dot com dot br Description: Hi, I was developing a code that need some openssl functions. I was studying the openssl functions of PHP and I did not find nothing to verifying the signature of X.509 certificate. The openssl_verify function verifies a string. But, what can I do to verify the signature of a certificate, like this: -BEGIN CERTIFICATE- MIICxjCCAi+gAwIBAgIBADANBgkqhkiG9w0BAQQFADCBqDEPMA0GA1UEAxMGRk9S QklTMQswCQYDVQQGEwJMVDEQMA4GA1UEBxMHVklMTklVUzEQMA4GA1UECBMHVklM TklVUzEoMCYGA1UEChMfVVpEQVJPSkkgQUtDSU5FIEJFTkRST1ZFIEZPUkJJUzEU MBIGA1UECxMLSU5URUdSQVRJT04xJDAiBgkqhkiG9w0BCQEWFUwuSlVaSUtFTkFT QEZPUkJJUy5MVDAeFw0wNDAzMjIxNTE2MDNaFw0wNDA0MjExNTE2MDNaMIGoMQ8w DQYDVQQDEwZGT1JCSVMxCzAJBgNVBAYTAkxUMRAwDgYDVQQHEwdWSUxOSVVTMRAw DgYDVQQIEwdWSUxOSVVTMSgwJgYDVQQKEx9VWkRBUk9KSSBBS0NJTkUgQkVORFJP VkUgRk9SQklTMRQwEgYDVQQLEwtJTlRFR1JBVElPTjEkMCIGCSqGSIb3DQEJARYV TC5KVVpJS0VOQVNARk9SQklTLkxUMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB gQCrbyCkLdo1gfT3d5JjwrLYC8WAXNI50afTGx9+ncjfnONGtScsbwlQ5Qw55neH TUe1TbI/QJc8KZ7PU5/sJAVNpuJW9JEI0y1xX6egfVSWkDGv/GgSb2JebnD1+Nw2 fw8lU0v4F6/IjHU9FOfSTBAIN58g5FqTweAZg5BU7uN9XwIDAQABMA0GCSqGSIb3 DQEBBAUAA4GBACh8eFBJ/8p8f1t8TWlh6lX4hpGpyej0h+0BW45icxkpDplfGbFx 47OClHjzgROo6zFx7Axn5JC1IWPiiyylbSbahpyCpcasuQchErcXJ72ctq8nBXqV s7sPhlunemdfpFuZLBNFbw5xaUs+lt9tAZFi6EHnhjCFGilH4u5aRcta -END CERTIFICATE- I have the public key to verify it. But I do not Know how I use it. Thanks! -- Edit this bug report at http://bugs.php.net/?id=39956&edit=1
#39956 [Opn]: Verifying the signature of the certificate
ID: 39956 User updated by: bassijunior at yahoo dot com dot br Reported By: bassijunior at yahoo dot com dot br Status: Open Bug Type: Feature/Change Request Operating System: Windows XP PHP Version: 5.2.0 New Comment: Hi, Some news? I need a help. Thanks Previous Comments: [2006-12-26 21:30:03] bassijunior at yahoo dot com dot br Description: Hi, I was developing a code that need some openssl functions. I was studying the openssl functions of PHP and I did not find nothing to verifying the signature of X.509 certificate. The openssl_verify function verifies a string. But, what can I do to verify the signature of a certificate, like this: -BEGIN CERTIFICATE- MIICxjCCAi+gAwIBAgIBADANBgkqhkiG9w0BAQQFADCBqDEPMA0GA1UEAxMGRk9S QklTMQswCQYDVQQGEwJMVDEQMA4GA1UEBxMHVklMTklVUzEQMA4GA1UECBMHVklM TklVUzEoMCYGA1UEChMfVVpEQVJPSkkgQUtDSU5FIEJFTkRST1ZFIEZPUkJJUzEU MBIGA1UECxMLSU5URUdSQVRJT04xJDAiBgkqhkiG9w0BCQEWFUwuSlVaSUtFTkFT QEZPUkJJUy5MVDAeFw0wNDAzMjIxNTE2MDNaFw0wNDA0MjExNTE2MDNaMIGoMQ8w DQYDVQQDEwZGT1JCSVMxCzAJBgNVBAYTAkxUMRAwDgYDVQQHEwdWSUxOSVVTMRAw DgYDVQQIEwdWSUxOSVVTMSgwJgYDVQQKEx9VWkRBUk9KSSBBS0NJTkUgQkVORFJP VkUgRk9SQklTMRQwEgYDVQQLEwtJTlRFR1JBVElPTjEkMCIGCSqGSIb3DQEJARYV TC5KVVpJS0VOQVNARk9SQklTLkxUMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB gQCrbyCkLdo1gfT3d5JjwrLYC8WAXNI50afTGx9+ncjfnONGtScsbwlQ5Qw55neH TUe1TbI/QJc8KZ7PU5/sJAVNpuJW9JEI0y1xX6egfVSWkDGv/GgSb2JebnD1+Nw2 fw8lU0v4F6/IjHU9FOfSTBAIN58g5FqTweAZg5BU7uN9XwIDAQABMA0GCSqGSIb3 DQEBBAUAA4GBACh8eFBJ/8p8f1t8TWlh6lX4hpGpyej0h+0BW45icxkpDplfGbFx 47OClHjzgROo6zFx7Axn5JC1IWPiiyylbSbahpyCpcasuQchErcXJ72ctq8nBXqV s7sPhlunemdfpFuZLBNFbw5xaUs+lt9tAZFi6EHnhjCFGilH4u5aRcta -END CERTIFICATE- I have the public key to verify it. But I do not Know how I use it. Thanks! -- Edit this bug report at http://bugs.php.net/?id=39956&edit=1
#39956 [NEW]: Verifying the signature of the certificate
From: bassijunior at yahoo dot com dot br Operating system: Windows XP PHP version: 5.2.0 PHP Bug Type: Feature/Change Request Bug description: Verifying the signature of the certificate Description: Hi, I was developing a code that need some openssl functions. I was studying the openssl functions of PHP and I did not find nothing to verifying the signature of X.509 certificate. The openssl_verify function verifies a string. But, what can I do to verify the signature of a certificate, like this: -BEGIN CERTIFICATE- MIICxjCCAi+gAwIBAgIBADANBgkqhkiG9w0BAQQFADCBqDEPMA0GA1UEAxMGRk9S QklTMQswCQYDVQQGEwJMVDEQMA4GA1UEBxMHVklMTklVUzEQMA4GA1UECBMHVklM TklVUzEoMCYGA1UEChMfVVpEQVJPSkkgQUtDSU5FIEJFTkRST1ZFIEZPUkJJUzEU MBIGA1UECxMLSU5URUdSQVRJT04xJDAiBgkqhkiG9w0BCQEWFUwuSlVaSUtFTkFT QEZPUkJJUy5MVDAeFw0wNDAzMjIxNTE2MDNaFw0wNDA0MjExNTE2MDNaMIGoMQ8w DQYDVQQDEwZGT1JCSVMxCzAJBgNVBAYTAkxUMRAwDgYDVQQHEwdWSUxOSVVTMRAw DgYDVQQIEwdWSUxOSVVTMSgwJgYDVQQKEx9VWkRBUk9KSSBBS0NJTkUgQkVORFJP VkUgRk9SQklTMRQwEgYDVQQLEwtJTlRFR1JBVElPTjEkMCIGCSqGSIb3DQEJARYV TC5KVVpJS0VOQVNARk9SQklTLkxUMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB gQCrbyCkLdo1gfT3d5JjwrLYC8WAXNI50afTGx9+ncjfnONGtScsbwlQ5Qw55neH TUe1TbI/QJc8KZ7PU5/sJAVNpuJW9JEI0y1xX6egfVSWkDGv/GgSb2JebnD1+Nw2 fw8lU0v4F6/IjHU9FOfSTBAIN58g5FqTweAZg5BU7uN9XwIDAQABMA0GCSqGSIb3 DQEBBAUAA4GBACh8eFBJ/8p8f1t8TWlh6lX4hpGpyej0h+0BW45icxkpDplfGbFx 47OClHjzgROo6zFx7Axn5JC1IWPiiyylbSbahpyCpcasuQchErcXJ72ctq8nBXqV s7sPhlunemdfpFuZLBNFbw5xaUs+lt9tAZFi6EHnhjCFGilH4u5aRcta -END CERTIFICATE- I have the public key to verify it. But I do not Know how I use it. Thanks! -- Edit bug report at http://bugs.php.net/?id=39956&edit=1 -- Try a CVS snapshot (PHP 4.4): http://bugs.php.net/fix.php?id=39956&r=trysnapshot44 Try a CVS snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=39956&r=trysnapshot52 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=39956&r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=39956&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=39956&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=39956&r=needtrace Need Reproduce Script:http://bugs.php.net/fix.php?id=39956&r=needscript Try newer version:http://bugs.php.net/fix.php?id=39956&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=39956&r=support Expected behavior:http://bugs.php.net/fix.php?id=39956&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=39956&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=39956&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=39956&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=39956&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=39956&r=dst IIS Stability:http://bugs.php.net/fix.php?id=39956&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=39956&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=39956&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=39956&r=nozend MySQL Configuration Error:http://bugs.php.net/fix.php?id=39956&r=mysqlcfg
#39757 [NEW]: Distinguished names - openssl_csr_new
From: bassijunior at yahoo dot com dot br Operating system: Windows XP Professinal PHP version: 5.2.0 PHP Bug Type: Feature/Change Request Bug description: Distinguished names - openssl_csr_new Description: Hi, I need to create a certificate request(CSR) using a openssl_csr_new function. But I have a problem with the openssl.cnf file. In the section distinguished_name has a several fields, like a countryName, emailAddress and others. My commonName has the length bigger than 64, that is standard value of openssl.cnf. But I can`t change this valeu to the commonName_max = 128. I already tried all possible things. The openssl.cnf file is not accepting changes in this field. Is it a bug? Thanks! Reproduce code: --- some name bigger than 64 ); openssl_csr_new($dn, $privkey, $config); . . . ?> Actual result: -- The certificate request(CSR) was not created because the length of commonName. -- Edit bug report at http://bugs.php.net/?id=39757&edit=1 -- Try a CVS snapshot (PHP 4.4): http://bugs.php.net/fix.php?id=39757&r=trysnapshot44 Try a CVS snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=39757&r=trysnapshot52 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=39757&r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=39757&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=39757&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=39757&r=needtrace Need Reproduce Script:http://bugs.php.net/fix.php?id=39757&r=needscript Try newer version:http://bugs.php.net/fix.php?id=39757&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=39757&r=support Expected behavior:http://bugs.php.net/fix.php?id=39757&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=39757&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=39757&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=39757&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=39757&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=39757&r=dst IIS Stability:http://bugs.php.net/fix.php?id=39757&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=39757&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=39757&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=39757&r=nozend MySQL Configuration Error:http://bugs.php.net/fix.php?id=39757&r=mysqlcfg
#39295 [NoF->Opn]: openssl_csr_sign and options
ID: 39295 User updated by: bassijunior at yahoo dot com dot br Reported By: bassijunior at yahoo dot com dot br -Status: No Feedback +Status: Open Bug Type: Feature/Change Request Operating System: Windows XP PHP Version: 5.1.6 Assigned To: pajoye New Comment: I think that the PHP version 5.2 has what I want. Where can I find a documentation about the new functions implemented in the PHP 5.2? Thanks! Previous Comments: [2006-11-21 01:00:00] php-bugs at lists dot php dot net No feedback was provided for this bug for over a week, so it is being suspended automatically. If you are able to provide the information that was originally requested, please do so and change the status of the bug back to "Open". [2006-11-13 23:18:25] [EMAIL PROTECTED] It is a v3 extension. You have to use array('x509_extensions' => 'sectionname') as configargs, it will use this section from your openssl.cnf . And the default value will be set using it. Can you try it? However I'm unsure why it fails to fetch them from the config, even using the openssl command line, it does not work. -------- [2006-11-11 01:09:55] bassijunior at yahoo dot com dot br Hi, Some news?? Thanks! -------- [2006-11-06 00:35:38] bassijunior at yahoo dot com dot br "$nacionalidade", "stateOrProvinceName" => "$estado", "localityName" => "$cidade", "commonName" => "$commomName", "emailAddress" => "$email", "subjectAltName" => "123456789" ); $configuracao=array( "config" => "$pwd\\openssl.cnf" ); $notext = (bool)""; $privkey = openssl_pkey_new($configuracao); $csr = openssl_csr_new($dn, $privkey, $configuracao); openssl_pkey_export_to_file($privkey, "$pwd\\demoCA\\pkey_teste.pem", "$passphrase"); openssl_csr_export_to_file($csr, "$pwd\\demoCA\\csr_teste.pem", $notext); ?> Is the subjectAltName is a extension, isn't is? But I can put in the $dn variable(distinguished name). I wanted to put a subjectAltName as extension, not as a distinguished name. Thanks! [2006-11-05 13:54:43] [EMAIL PROTECTED] Please provide a complete script to reproduce your problem. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/39295 -- Edit this bug report at http://bugs.php.net/?id=39295&edit=1
#39295 [Opn]: openssl_csr_sign and options
ID: 39295 User updated by: bassijunior at yahoo dot com dot br Reported By: bassijunior at yahoo dot com dot br Status: Open Bug Type: Feature/Change Request Operating System: Windows XP PHP Version: 5.1.6 Assigned To: pajoye New Comment: Hi, Some news?? Thanks! Previous Comments: [2006-11-06 00:35:38] bassijunior at yahoo dot com dot br "$nacionalidade", "stateOrProvinceName" => "$estado", "localityName" => "$cidade", "commonName" => "$commomName", "emailAddress" => "$email", "subjectAltName" => "123456789" ); $configuracao=array( "config" => "$pwd\\openssl.cnf" ); $notext = (bool)""; $privkey = openssl_pkey_new($configuracao); $csr = openssl_csr_new($dn, $privkey, $configuracao); openssl_pkey_export_to_file($privkey, "$pwd\\demoCA\\pkey_teste.pem", "$passphrase"); openssl_csr_export_to_file($csr, "$pwd\\demoCA\\csr_teste.pem", $notext); ?> Is the subjectAltName is a extension, isn't is? But I can put in the $dn variable(distinguished name). I wanted to put a subjectAltName as extension, not as a distinguished name. Thanks! [2006-11-05 13:54:43] [EMAIL PROTECTED] Please provide a complete script to reproduce your problem. [2006-11-05 00:50:14] bassijunior at yahoo dot com dot br Hi, I can add fields of DN(distinguished name)using the openssl_csr_new function. $csr = openssl_csr_new($dn, $privkey, $configarg); I did a test. I placed a subjectAltName in $dn the variable and the openssl_csr_new added a subjectAltName like a distinguished name, but subjectAltName is a extension, not a DN. $dn = array( "countryName" => "$nacionalidade", "stateOrProvinceName" => "$estado", "localityName" => "$cidade", "commonName" => "$commomName", "emailAddress" => "$email", "subjectAltName" => "123456789", What is happening? Here a certificate: Certificate: Data: Version: 3 (0x2) Serial Number: 1162687748 (0x454d3504) Signature Algorithm: sha1WithRSAEncryption Issuer: C=BR, ST=RJ, L=Rio de Janeiro, O=Home, OU=quarto, CN=Junior/[EMAIL PROTECTED] Validity Not Before: Nov 5 00:49:08 2006 GMT Not After : Nov 5 00:49:08 2007 GMT Subject: C=BR, ST=RJ, L=Rio, CN=Jos\xE9 Alberto Bassi/[EMAIL PROTECTED]/subjectAltName=123456789 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): 00:ea:49:5c:e7:5b:59:77:e2:af:1e:1b:b5:6a:08: d2:2b:2c:97:c6:01:9f:2f:44:20:4a:3a:09:47:54: bb:09:af:92:4a:fc:e7:96:6d:8b:06:75:3e:3d:c7: 50:60:92:9f:47:26:86:d2:68:3b:1b:26:77:f3:9c: 26:fb:59:7e:35:d7:14:8d:86:32:65:36:89:94:20: c6:28:3f:2c:b4:0a:74:8c:ee:14:0c:e5:5a:81:3a: 06:4f:2d:41:c7:c9:2e:b1:30:ef:89:fd:e3:5f:d0: 37:86:35:2f:67:bd:be:81:cd:c1:93:a9:a1:4a:df: b4:08:1f:a0:8d:f7:fc:8c:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE X509v3 Key Usage: Digital Signature, Non Repudiation, Key Encipherment Signature Algorithm: sha1WithRSAEncryption 52:82:a4:2f:57:36:43:9a:dd:22:65:73:f8:7c:88:52:18:fc: c9:3e:54:50:f1:60:ec:07:4c:a4:3b:97:45:3e:ac:ad:db:37: 45:71:a1:67:cd:19:ad:e5:ee:21:26:e1:b3:70:18:66:af:b6: 06:ba:f4:64:95:6c:88:61:93:fc:18:86:7d:28:13:64:ee:a2: a6:ad:32:7f:6a:ce:ec:c5:27:80:17:38:c6:2a:4a:ff:9b:77: d9:45:a8:73:ef:5f:07:b9:de:ba:81:bd:c9:04:76:0d:36:03: 43:23:d0:f9:1f:69:fa:05:6f:4c:4c:10:e1:48:88:19:94:ca: 8d:cd -BEGIN CERTIFICATE- MIICmTCCAgKgAwIBAgIERU01BDANBgkqhkiG9w0BAQUFADCBgjELMAkGA1UEBhMC QlIxCzAJBgNVBAgTAlJKMRcwFQYDVQQHEw5SaW8gZGUgSmFuZWlybzENMAsGA1UE ChMESG9tZTEPMA0GA1UECxMGcXVhcnRvMQ8wDQYDVQQDEwZKdW5pb3IxHDAaBgkq hkiG9w0BCQEWDWJiQG9waWl3ZS5jb20wHhcNMDYxMTA1MDA0OTA4WhcNMDcxMTA1 MDA0OTA4WjCBgjELMAkGA1UEBhMCQlIxCzAJBgNVBAgTAlJKMQwwCgYDVQQHEwNS aW8xGzAZBgNVBAMUEkpvc+kgQWxiZXJ0byBCYXNzaTEnMCUGCSqGSIb3DQEJARYY YmFzc2lqdW5pb3JAeWFob28uY29tLmJyMRIwEAYDVR0REwkxMjM0NTY3ODkwgZ8w DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOpJXOdbWXfirx4btWoI0issl8YBny9E IEo6CUdUuwmvkkr855ZtiwZ1Pj3HUGCSn0cmhtJoOxsmd/OcJvtZfjXXFI2GMmU2 iZQgxig/LLQKdIzuFAzlW
#39295 [Fbk->Opn]: openssl_csr_sign and options
ID: 39295 User updated by: bassijunior at yahoo dot com dot br Reported By: bassijunior at yahoo dot com dot br -Status: Feedback +Status: Open Bug Type: Feature/Change Request Operating System: Windows XP PHP Version: 5.1.6 Assigned To: pajoye New Comment: "$nacionalidade", "stateOrProvinceName" => "$estado", "localityName" => "$cidade", "commonName" => "$commomName", "emailAddress" => "$email", "subjectAltName" => "123456789" ); $configuracao=array( "config" => "$pwd\\openssl.cnf" ); $notext = (bool)""; $privkey = openssl_pkey_new($configuracao); $csr = openssl_csr_new($dn, $privkey, $configuracao); openssl_pkey_export_to_file($privkey, "$pwd\\demoCA\\pkey_teste.pem", "$passphrase"); openssl_csr_export_to_file($csr, "$pwd\\demoCA\\csr_teste.pem", $notext); ?> Is the subjectAltName is a extension, isn't is? But I can put in the $dn variable(distinguished name). I wanted to put a subjectAltName as extension, not as a distinguished name. Thanks! Previous Comments: [2006-11-05 13:54:43] [EMAIL PROTECTED] Please provide a complete script to reproduce your problem. [2006-11-05 00:50:14] bassijunior at yahoo dot com dot br Hi, I can add fields of DN(distinguished name)using the openssl_csr_new function. $csr = openssl_csr_new($dn, $privkey, $configarg); I did a test. I placed a subjectAltName in $dn the variable and the openssl_csr_new added a subjectAltName like a distinguished name, but subjectAltName is a extension, not a DN. $dn = array( "countryName" => "$nacionalidade", "stateOrProvinceName" => "$estado", "localityName" => "$cidade", "commonName" => "$commomName", "emailAddress" => "$email", "subjectAltName" => "123456789", What is happening? Here a certificate: Certificate: Data: Version: 3 (0x2) Serial Number: 1162687748 (0x454d3504) Signature Algorithm: sha1WithRSAEncryption Issuer: C=BR, ST=RJ, L=Rio de Janeiro, O=Home, OU=quarto, CN=Junior/[EMAIL PROTECTED] Validity Not Before: Nov 5 00:49:08 2006 GMT Not After : Nov 5 00:49:08 2007 GMT Subject: C=BR, ST=RJ, L=Rio, CN=Jos\xE9 Alberto Bassi/[EMAIL PROTECTED]/subjectAltName=123456789 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): 00:ea:49:5c:e7:5b:59:77:e2:af:1e:1b:b5:6a:08: d2:2b:2c:97:c6:01:9f:2f:44:20:4a:3a:09:47:54: bb:09:af:92:4a:fc:e7:96:6d:8b:06:75:3e:3d:c7: 50:60:92:9f:47:26:86:d2:68:3b:1b:26:77:f3:9c: 26:fb:59:7e:35:d7:14:8d:86:32:65:36:89:94:20: c6:28:3f:2c:b4:0a:74:8c:ee:14:0c:e5:5a:81:3a: 06:4f:2d:41:c7:c9:2e:b1:30:ef:89:fd:e3:5f:d0: 37:86:35:2f:67:bd:be:81:cd:c1:93:a9:a1:4a:df: b4:08:1f:a0:8d:f7:fc:8c:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE X509v3 Key Usage: Digital Signature, Non Repudiation, Key Encipherment Signature Algorithm: sha1WithRSAEncryption 52:82:a4:2f:57:36:43:9a:dd:22:65:73:f8:7c:88:52:18:fc: c9:3e:54:50:f1:60:ec:07:4c:a4:3b:97:45:3e:ac:ad:db:37: 45:71:a1:67:cd:19:ad:e5:ee:21:26:e1:b3:70:18:66:af:b6: 06:ba:f4:64:95:6c:88:61:93:fc:18:86:7d:28:13:64:ee:a2: a6:ad:32:7f:6a:ce:ec:c5:27:80:17:38:c6:2a:4a:ff:9b:77: d9:45:a8:73:ef:5f:07:b9:de:ba:81:bd:c9:04:76:0d:36:03: 43:23:d0:f9:1f:69:fa:05:6f:4c:4c:10:e1:48:88:19:94:ca: 8d:cd -BEGIN CERTIFICATE- MIICmTCCAgKgAwIBAgIERU01BDANBgkqhkiG9w0BAQUFADCBgjELMAkGA1UEBhMC QlIxCzAJBgNVBAgTAlJKMRcwFQYDVQQHEw5SaW8gZGUgSmFuZWlybzENMAsGA1UE ChMESG9tZTEPMA0GA1UECxMGcXVhcnRvMQ8wDQYDVQQDEwZKdW5pb3IxHDAaBgkq hkiG9w0BCQEWDWJiQG9waWl3ZS5jb20wHhcNMDYxMTA1MDA0OTA4WhcNMDcxMTA1 MDA0OTA4WjCBgjELMAkGA1UEBhMCQlIxCzAJBgNVBAgTAlJKMQwwCgYDVQQHEwNS aW8xGzAZBgNVBAMUEkpvc+kgQWxiZXJ0byBCYXNzaTEnMCUGCSqGSIb3DQEJARYY YmFzc2lqdW5pb3JAeWFob28uY29tLmJyMRIwEAYDVR0REwkxMjM0NTY3ODkwgZ8w DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOpJXOdbWXfirx4btWoI0issl8YBny9E IEo6CUdUuwmvkkr855ZtiwZ1Pj3HUGCSn0cmhtJoOxsmd/OcJvtZfjXXFI2GMmU2 iZQgxig/LLQKdIzuFAzlWoE6Bk8tQcfJLrEw74n941/QN4Y1L2e9voHNwZOpoUrf tAgfoI33/Iz9AgMBAAGjGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMA0GCSqG SIb3DQEBBQUAA4GBAFKCpC9XNkOa
#39295 [Opn]: openssl_csr_sign and options
ID: 39295 User updated by: bassijunior at yahoo dot com dot br Reported By: bassijunior at yahoo dot com dot br Status: Open Bug Type: Feature/Change Request Operating System: Windows XP PHP Version: 5.1.6 Assigned To: pajoye New Comment: Hi, I can add fields of DN(distinguished name)using the openssl_csr_new function. $csr = openssl_csr_new($dn, $privkey, $configarg); I did a test. I placed a subjectAltName in $dn the variable and the openssl_csr_new added a subjectAltName like a distinguished name, but subjectAltName is a extension, not a DN. $dn = array( "countryName" => "$nacionalidade", "stateOrProvinceName" => "$estado", "localityName" => "$cidade", "commonName" => "$commomName", "emailAddress" => "$email", "subjectAltName" => "123456789", What is happening? Here a certificate: Certificate: Data: Version: 3 (0x2) Serial Number: 1162687748 (0x454d3504) Signature Algorithm: sha1WithRSAEncryption Issuer: C=BR, ST=RJ, L=Rio de Janeiro, O=Home, OU=quarto, CN=Junior/[EMAIL PROTECTED] Validity Not Before: Nov 5 00:49:08 2006 GMT Not After : Nov 5 00:49:08 2007 GMT Subject: C=BR, ST=RJ, L=Rio, CN=Jos\xE9 Alberto Bassi/[EMAIL PROTECTED]/subjectAltName=123456789 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): 00:ea:49:5c:e7:5b:59:77:e2:af:1e:1b:b5:6a:08: d2:2b:2c:97:c6:01:9f:2f:44:20:4a:3a:09:47:54: bb:09:af:92:4a:fc:e7:96:6d:8b:06:75:3e:3d:c7: 50:60:92:9f:47:26:86:d2:68:3b:1b:26:77:f3:9c: 26:fb:59:7e:35:d7:14:8d:86:32:65:36:89:94:20: c6:28:3f:2c:b4:0a:74:8c:ee:14:0c:e5:5a:81:3a: 06:4f:2d:41:c7:c9:2e:b1:30:ef:89:fd:e3:5f:d0: 37:86:35:2f:67:bd:be:81:cd:c1:93:a9:a1:4a:df: b4:08:1f:a0:8d:f7:fc:8c:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE X509v3 Key Usage: Digital Signature, Non Repudiation, Key Encipherment Signature Algorithm: sha1WithRSAEncryption 52:82:a4:2f:57:36:43:9a:dd:22:65:73:f8:7c:88:52:18:fc: c9:3e:54:50:f1:60:ec:07:4c:a4:3b:97:45:3e:ac:ad:db:37: 45:71:a1:67:cd:19:ad:e5:ee:21:26:e1:b3:70:18:66:af:b6: 06:ba:f4:64:95:6c:88:61:93:fc:18:86:7d:28:13:64:ee:a2: a6:ad:32:7f:6a:ce:ec:c5:27:80:17:38:c6:2a:4a:ff:9b:77: d9:45:a8:73:ef:5f:07:b9:de:ba:81:bd:c9:04:76:0d:36:03: 43:23:d0:f9:1f:69:fa:05:6f:4c:4c:10:e1:48:88:19:94:ca: 8d:cd -BEGIN CERTIFICATE- MIICmTCCAgKgAwIBAgIERU01BDANBgkqhkiG9w0BAQUFADCBgjELMAkGA1UEBhMC QlIxCzAJBgNVBAgTAlJKMRcwFQYDVQQHEw5SaW8gZGUgSmFuZWlybzENMAsGA1UE ChMESG9tZTEPMA0GA1UECxMGcXVhcnRvMQ8wDQYDVQQDEwZKdW5pb3IxHDAaBgkq hkiG9w0BCQEWDWJiQG9waWl3ZS5jb20wHhcNMDYxMTA1MDA0OTA4WhcNMDcxMTA1 MDA0OTA4WjCBgjELMAkGA1UEBhMCQlIxCzAJBgNVBAgTAlJKMQwwCgYDVQQHEwNS aW8xGzAZBgNVBAMUEkpvc+kgQWxiZXJ0byBCYXNzaTEnMCUGCSqGSIb3DQEJARYY YmFzc2lqdW5pb3JAeWFob28uY29tLmJyMRIwEAYDVR0REwkxMjM0NTY3ODkwgZ8w DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOpJXOdbWXfirx4btWoI0issl8YBny9E IEo6CUdUuwmvkkr855ZtiwZ1Pj3HUGCSn0cmhtJoOxsmd/OcJvtZfjXXFI2GMmU2 iZQgxig/LLQKdIzuFAzlWoE6Bk8tQcfJLrEw74n941/QN4Y1L2e9voHNwZOpoUrf tAgfoI33/Iz9AgMBAAGjGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMA0GCSqG SIb3DQEBBQUAA4GBAFKCpC9XNkOa3SJlc/h8iFIY/Mk+VFDxYOwHTKQ7l0U+rK3b N0VxoWfNGa3l7iEm4bNwGGavtga69GSVbIhhk/wYhn0oE2TuoqatMn9qzuzFJ4AX OMYqSv+bd9lFqHPvXwe53rqBvckEdg02A0Mj0PkfafoFb0xMEOFIiBmUyo3N -END CERTIFICATE- Thanks! Previous Comments: [2006-10-31 01:47:10] bassijunior at yahoo dot com dot br I will get the certificate request from a Data Base(Mysql). After that( in other file), I have to sign this request. But, I want to add some extensions in the certificate, in the moment of signature. To sign the request, I use: $usercert_2 = openssl_csr_sign($req_dados, $cert_dados, $pkeyid, 365, $config, time()); Where $config is: $config = array( 'digest_alg' => 'sha1', "config" => "$pwd\\openssl.cnf"); Is there some way to put some extensions in the variable $config? Thanks! [2006-10-30 16:30:04] [EMAIL PROTECTED] Do you want to create the certificate and sign at the same time? If not, can you explain what you want with some kind of pseudo code? [2006-
#39295 [Fbk->Opn]: openssl_csr_sign and options
ID: 39295 User updated by: bassijunior at yahoo dot com dot br Reported By: bassijunior at yahoo dot com dot br -Status: Feedback +Status: Open Bug Type: Feature/Change Request Operating System: Windows XP PHP Version: 5.1.6 Assigned To: pajoye New Comment: I will get the certificate request from a Data Base(Mysql). After that( in other file), I have to sign this request. But, I want to add some extensions in the certificate, in the moment of signature. To sign the request, I use: $usercert_2 = openssl_csr_sign($req_dados, $cert_dados, $pkeyid, 365, $config, time()); Where $config is: $config = array( 'digest_alg' => 'sha1', "config" => "$pwd\\openssl.cnf"); Is there some way to put some extensions in the variable $config? Thanks! Previous Comments: [2006-10-30 16:30:04] [EMAIL PROTECTED] Do you want to create the certificate and sign at the same time? If not, can you explain what you want with some kind of pseudo code? ------------ [2006-10-30 00:16:03] bassijunior at yahoo dot com dot br OK. I know this function. But this function is used to create a request. I want to add extension in the moment of signature. Thanks [2006-10-29 17:51:30] [EMAIL PROTECTED] See openssl_csr_new. ------------ [2006-10-28 23:42:40] bassijunior at yahoo dot com dot br Description: Hi, I'm developing a project that use a openssl functions. I need to write the certificate extension in a x.509 certificate " on the fly". In others words, I will get a data from DB(MYSQL) and then I will write the extension X.509 . Does the openssl_csr_sign can do this? How can I pass more parameters to this function? Is it possible? How can I do this? Thanks!!! -- Edit this bug report at http://bugs.php.net/?id=39295&edit=1
#39295 [Bgs]: openssl_csr_sign and options
ID: 39295 User updated by: bassijunior at yahoo dot com dot br Reported By: bassijunior at yahoo dot com dot br Status: Bogus Bug Type: Feature/Change Request Operating System: Windows XP PHP Version: 5.1.6 Assigned To: pajoye New Comment: OK. I know this function. But this function is used to create a request. I want to add extension in the moment of signature. Thanks Previous Comments: [2006-10-29 17:51:30] [EMAIL PROTECTED] See openssl_csr_new. [2006-10-28 23:42:40] bassijunior at yahoo dot com dot br Description: Hi, I'm developing a project that use a openssl functions. I need to write the certificate extension in a x.509 certificate " on the fly". In others words, I will get a data from DB(MYSQL) and then I will write the extension X.509 . Does the openssl_csr_sign can do this? How can I pass more parameters to this function? Is it possible? How can I do this? Thanks!!! -- Edit this bug report at http://bugs.php.net/?id=39295&edit=1
#39295 [NEW]: openssl_csr_sign and options
From: bassijunior at yahoo dot com dot br Operating system: Windows XP PHP version: 5.1.6 PHP Bug Type: Feature/Change Request Bug description: openssl_csr_sign and options Description: Hi, I'm developing a project that use a openssl functions. I need to write the certificate extension in a x.509 certificate " on the fly". In others words, I will get a data from DB(MYSQL) and then I will write the extension X.509 . Does the openssl_csr_sign can do this? How can I pass more parameters to this function? Is it possible? How can I do this? Thanks!!! -- Edit bug report at http://bugs.php.net/?id=39295&edit=1 -- Try a CVS snapshot (PHP 4.4): http://bugs.php.net/fix.php?id=39295&r=trysnapshot44 Try a CVS snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=39295&r=trysnapshot52 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=39295&r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=39295&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=39295&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=39295&r=needtrace Need Reproduce Script:http://bugs.php.net/fix.php?id=39295&r=needscript Try newer version:http://bugs.php.net/fix.php?id=39295&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=39295&r=support Expected behavior:http://bugs.php.net/fix.php?id=39295&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=39295&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=39295&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=39295&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=39295&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=39295&r=dst IIS Stability:http://bugs.php.net/fix.php?id=39295&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=39295&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=39295&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=39295&r=nozend MySQL Configuration Error:http://bugs.php.net/fix.php?id=39295&r=mysqlcfg
#38937 [Bgs]: openssl_csr_parse()
ID: 38937 User updated by: bassijunior at yahoo dot com dot br Reported By: bassijunior at yahoo dot com dot br Status: Bogus Bug Type: OpenSSL related Operating System: Windows XP PHP Version: 5.1.6 Assigned To: pajoye New Comment: Ok. I will access this site that you recommended. Thank you very much by your help!! Previous Comments: [2006-10-10 13:13:10] [EMAIL PROTECTED] All you need is here: http://www.php.net/manual/en/install.windows.php I close this bug, solved (not a bug, bogus, the new functions already exist). [2006-10-10 01:36:28] bassijunior at yahoo dot com dot br Hi, I downloaded the PHP 5.2(.zip). Then, I extracted the files to the php directory. After this, the apache doesn't start. I'm looking for about the install documentation in the Internet, but I didn't yet found. Thanks. [2006-10-08 21:10:18] [EMAIL PROTECTED] 5.2 will be released in the next 2-3 weeks. The documentation will be added in the PHP manual. But what did not work? the 5.2 install? [2006-10-08 18:51:07] bassijunior at yahoo dot com dot br I found something in the Internet, but it doesn´t work. Where can I found a good documentation about that? And, another thing, do you know when the new version of PHP, the version 5.2 will be available? Thanks. [2006-10-08 11:29:36] [EMAIL PROTECTED] Snapshots are just like release. You can follow the install instructions in the manual to install them. You can use the CLI (console) to test it. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/38937 -- Edit this bug report at http://bugs.php.net/?id=38937&edit=1
#38937 [Fbk->Opn]: openssl_csr_parse()
ID: 38937 User updated by: bassijunior at yahoo dot com dot br Reported By: bassijunior at yahoo dot com dot br -Status: Feedback +Status: Open Bug Type: OpenSSL related Operating System: Windows XP PHP Version: 5.1.6 Assigned To: pajoye New Comment: Hi, I downloaded the PHP 5.2(.zip). Then, I extracted the files to the php directory. After this, the apache doesn't start. I'm looking for about the install documentation in the Internet, but I didn't yet found. Thanks. Previous Comments: [2006-10-08 21:10:18] [EMAIL PROTECTED] 5.2 will be released in the next 2-3 weeks. The documentation will be added in the PHP manual. But what did not work? the 5.2 install? [2006-10-08 18:51:07] bassijunior at yahoo dot com dot br I found something in the Internet, but it doesn´t work. Where can I found a good documentation about that? And, another thing, do you know when the new version of PHP, the version 5.2 will be available? Thanks. [2006-10-08 11:29:36] [EMAIL PROTECTED] Snapshots are just like release. You can follow the install instructions in the manual to install them. You can use the CLI (console) to test it. [2006-10-08 04:33:24] bassijunior at yahoo dot com dot br Hi, I think so. But I don´t know how to use the snapshot. What can I do to use this? I did a download, but now, apache doesn´t work. [2006-10-05 11:28:10] [EMAIL PROTECTED] With 5.2.0 or later: Is it what you are looking for? $csr = file_get_contents('somecsr'); $csr_details = openssl_csr_get_subject($csr, 1) print_r($details); and to get the pkey: $key = openssl_csr_get_public_key($csr); You can try it using the snapshot: http://snaps.php.net but it will not be backported to 5.1. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/38937 -- Edit this bug report at http://bugs.php.net/?id=38937&edit=1
#38937 [Bgs]: openssl_csr_parse()
ID: 38937 User updated by: bassijunior at yahoo dot com dot br Reported By: bassijunior at yahoo dot com dot br Status: Bogus Bug Type: OpenSSL related Operating System: Windows XP PHP Version: 5.1.6 New Comment: I found something in the Internet, but it doesn´t work. Where can I found a good documentation about that? And, another thing, do you know when the new version of PHP, the version 5.2 will be available? Thanks. Previous Comments: [2006-10-08 11:29:36] [EMAIL PROTECTED] Snapshots are just like release. You can follow the install instructions in the manual to install them. You can use the CLI (console) to test it. [2006-10-08 04:33:24] bassijunior at yahoo dot com dot br Hi, I think so. But I don´t know how to use the snapshot. What can I do to use this? I did a download, but now, apache doesn´t work. [2006-10-05 11:28:10] [EMAIL PROTECTED] With 5.2.0 or later: Is it what you are looking for? $csr = file_get_contents('somecsr'); $csr_details = openssl_csr_get_subject($csr, 1) print_r($details); and to get the pkey: $key = openssl_csr_get_public_key($csr); You can try it using the snapshot: http://snaps.php.net but it will not be backported to 5.1. [2006-10-05 01:34:54] bassijunior at yahoo dot com dot br No. I am developing a project using the openssl functions in the PHP. These certificates, that I generate, aren´t to use as web certificate. I will use this certificate to prove that a user submited a file for me, for example. It's a aplication very unusual. Condensing, before generate a certificate, I have to generate a request certificate, ok? I do this using openssl_csr_new function. I only want to know how I can read a certificate request. To read the certificate(.PEM) I use the openssl_X509_parse, how I showed in my last comment, but I also need to read the certificate request. How can I read it? Is there a openssl__parse to read a certificate request? Thanks! [2006-10-03 01:02:47] [EMAIL PROTECTED] By request, do you mean from an url? like https://example.com? The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/38937 -- Edit this bug report at http://bugs.php.net/?id=38937&edit=1
#38937 [Opn]: openssl_csr_parse()
ID: 38937 User updated by: bassijunior at yahoo dot com dot br Reported By: bassijunior at yahoo dot com dot br Status: Open Bug Type: Feature/Change Request Operating System: Windows XP PHP Version: 5.1.6 New Comment: Hi, I think so. But I don´t know how to use the snapshot. What can I do to use this? I did a download, but now, apache doesn´t work. Previous Comments: [2006-10-05 11:28:10] [EMAIL PROTECTED] With 5.2.0 or later: Is it what you are looking for? $csr = file_get_contents('somecsr'); $csr_details = openssl_csr_get_subject($csr, 1) print_r($details); and to get the pkey: $key = openssl_csr_get_public_key($csr); You can try it using the snapshot: http://snaps.php.net but it will not be backported to 5.1. [2006-10-05 01:34:54] bassijunior at yahoo dot com dot br No. I am developing a project using the openssl functions in the PHP. These certificates, that I generate, aren´t to use as web certificate. I will use this certificate to prove that a user submited a file for me, for example. It's a aplication very unusual. Condensing, before generate a certificate, I have to generate a request certificate, ok? I do this using openssl_csr_new function. I only want to know how I can read a certificate request. To read the certificate(.PEM) I use the openssl_X509_parse, how I showed in my last comment, but I also need to read the certificate request. How can I read it? Is there a openssl__parse to read a certificate request? Thanks! [2006-10-03 01:02:47] [EMAIL PROTECTED] By request, do you mean from an url? like https://example.com? [2006-10-03 00:54:21] bassijunior at yahoo dot com dot br For example, with a openssl_X509_parse function() I can print the certificate. But I need to do this with a request created by openssl_csr_new() function. I oopen the certificate and I print this: I want to do this with request too, and not only with a certificate. Thanks!! [2006-10-03 00:17:03] [EMAIL PROTECTED] What are you trying to do? Parse a peer certicate? The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/38937 -- Edit this bug report at http://bugs.php.net/?id=38937&edit=1
#38937 [Fbk->Opn]: openssl_csr_parse()
ID: 38937 User updated by: bassijunior at yahoo dot com dot br Reported By: bassijunior at yahoo dot com dot br -Status: Feedback +Status: Open Bug Type: Feature/Change Request Operating System: Windows XP PHP Version: 5.1.6 New Comment: No. I am developing a project using the openssl functions in the PHP. These certificates, that I generate, aren´t to use as web certificate. I will use this certificate to prove that a user submited a file for me, for example. It's a aplication very unusual. Condensing, before generate a certificate, I have to generate a request certificate, ok? I do this using openssl_csr_new function. I only want to know how I can read a certificate request. To read the certificate(.PEM) I use the openssl_X509_parse, how I showed in my last comment, but I also need to read the certificate request. How can I read it? Is there a openssl__parse to read a certificate request? Thanks! Previous Comments: [2006-10-03 01:02:47] [EMAIL PROTECTED] By request, do you mean from an url? like https://example.com? [2006-10-03 00:54:21] bassijunior at yahoo dot com dot br For example, with a openssl_X509_parse function() I can print the certificate. But I need to do this with a request created by openssl_csr_new() function. I oopen the certificate and I print this: I want to do this with request too, and not only with a certificate. Thanks!! [2006-10-03 00:17:03] [EMAIL PROTECTED] What are you trying to do? Parse a peer certicate? [2006-10-02 23:21:05] bassijunior at yahoo dot com dot br Hi, Some news about that? Nobody answers me... Thanks!! [2006-09-23 20:12:18] bassijunior at yahoo dot com dot br Description: I need to open a certificate request like one array, like I did with the X.509 certificate. To verify a X.509 certificate I use openssl_x509_parse( mixed x509cert [, bool shortnames]). And about the certificate request? I want to do the same that i did with certificate.How Can read it? Is there any function to do that? -- Edit this bug report at http://bugs.php.net/?id=38937&edit=1
#38937 [Fbk->Opn]: openssl_csr_parse()
ID: 38937 User updated by: bassijunior at yahoo dot com dot br Reported By: bassijunior at yahoo dot com dot br -Status: Feedback +Status: Open Bug Type: Feature/Change Request Operating System: Windows XP PHP Version: 5.1.6 New Comment: For example, with a openssl_X509_parse function() I can print the certificate. But I need to do this with a request created by openssl_csr_new() function. I oopen the certificate and I print this: I want to do this with request too, and not only with a certificate. Thanks!! Previous Comments: [2006-10-03 00:17:03] [EMAIL PROTECTED] What are you trying to do? Parse a peer certicate? [2006-10-02 23:21:05] bassijunior at yahoo dot com dot br Hi, Some news about that? Nobody answers me... Thanks!! [2006-09-23 20:12:18] bassijunior at yahoo dot com dot br Description: I need to open a certificate request like one array, like I did with the X.509 certificate. To verify a X.509 certificate I use openssl_x509_parse( mixed x509cert [, bool shortnames]). And about the certificate request? I want to do the same that i did with certificate.How Can read it? Is there any function to do that? -- Edit this bug report at http://bugs.php.net/?id=38937&edit=1
#38937 [Opn]: openssl_csr_parse()
ID: 38937 User updated by: bassijunior at yahoo dot com dot br Reported By: bassijunior at yahoo dot com dot br Status: Open Bug Type: Feature/Change Request Operating System: Windows XP PHP Version: 5.1.6 New Comment: Hi, Some news about that? Nobody answers me... Thanks!! Previous Comments: [2006-09-23 20:12:18] bassijunior at yahoo dot com dot br Description: I need to open a certificate request like one array, like I did with the X.509 certificate. To verify a X.509 certificate I use openssl_x509_parse( mixed x509cert [, bool shortnames]). And about the certificate request? I want to do the same that i did with certificate.How Can read it? Is there any function to do that? -- Edit this bug report at http://bugs.php.net/?id=38937&edit=1
#38937 [NEW]: openssl_csr_parse()
From: bassijunior at yahoo dot com dot br Operating system: Windows XP PHP version: 5.1.6 PHP Bug Type: Feature/Change Request Bug description: openssl_csr_parse() Description: I need to open a certificate request like one array, like I did with the X.509 certificate. To verify a X.509 certificate I use openssl_x509_parse( mixed x509cert [, bool shortnames]). And about the certificate request? I want to do the same that i did with certificate.How Can read it? Is there any function to do that? -- Edit bug report at http://bugs.php.net/?id=38937&edit=1 -- Try a CVS snapshot (PHP 4.4): http://bugs.php.net/fix.php?id=38937&r=trysnapshot44 Try a CVS snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=38937&r=trysnapshot52 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=38937&r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=38937&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=38937&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=38937&r=needtrace Need Reproduce Script:http://bugs.php.net/fix.php?id=38937&r=needscript Try newer version:http://bugs.php.net/fix.php?id=38937&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=38937&r=support Expected behavior:http://bugs.php.net/fix.php?id=38937&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=38937&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=38937&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=38937&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=38937&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=38937&r=dst IIS Stability:http://bugs.php.net/fix.php?id=38937&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=38937&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=38937&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=38937&r=nozend MySQL Configuration Error:http://bugs.php.net/fix.php?id=38937&r=mysqlcfg
#21341 [Com]: Calling openssl_csr_sign with a non-null value fails
ID: 21341 Comment by: bassijunior at yahoo dot com dot br Reported By: larry at smog dot com Status: No Feedback Bug Type: OpenSSL related Operating System: RedHat 7.3 (2.4.18-3) PHP Version: 4.2.3 New Comment: I have the same problem. I did what it was said in the forum, but I still have a error: openssl_csr_sign() [function.openssl-csr-sign]: cannot get CSR from parameter 1 What can I do? Thanks Previous Comments: [2004-06-25 22:15:19] sumans at list dot ufl dot edu Sorry for bothering you again, but here is the code: $_POST[countryName], "stateOrProvinceName"=> $_POST[stateName], "localityName" => $_POST[cityName], "organizationName" => $_POST[organizationName], "organizationalUnitName" => $_POST[unitName], "commonName" => $_POST[commonName], "emailAddress" => $_POST[emailAddress] ); $req_csr = openssl_csr_new ($dn, $req_key); openssl_csr_export_to_file($req_csr, "newreq.pem"); $req_cert = openssl_csr_sign($req_csr, "file://$caCertFile", $req_key, 1) ; ?> I know that root.pem exists, and it is being loaded, but it looks like the PHP engine just crashes at the openssl_csr_sign. [2004-06-25 22:11:52] sumans at list dot ufl dot edu Hi, I dont know if this bug was closed, but I am experiencing the exact same problem now. I am using the PHP engine and Apache server that came built in Red Hat Linux 9. I know that the CA certificate is being loaded into the engine (because it complains if I give it a wrong path), but then it just crashes. No messages, nothing. The PHP engine just stops working and nothing is displayed after the function is called. Thanks, Suman [2003-01-17 22:14:45] [EMAIL PROTECTED] No feedback was provided. The bug is being suspended because we assume that you are no longer experiencing the problem. If this is not the case and you are able to provide the information that was requested earlier, please do so and change the status of the bug back to "Open". Thank you. [2003-01-02 15:27:51] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php4-latest.tar.gz For Windows: http://snaps.php.net/win32/php4-win32-latest.zip If you still experience a problem try to replicate the problem using CLI sapi and add var_dump($csr) before the openssl_csr_sign() function call and add var_dump($cert) at the end of the script. [2003-01-02 11:49:34] larry at smog dot com When I try to use openssl_csr_sign to sign a CSR with a CA certificate I get no error reports, and program output terminates. Example code: $cacert = "file://caselfsigncert.pem"; $cakey = array("file://caselfsignkey.pem", "insecureselfsignkey"); if ($privkey = openssl_pkey_new()) { openssl_pkey_export($privkey, $pkeyout, $passphrase); print "priv key$pkeyout"; } if ($csr = openssl_csr_new($dn, $privkey)) { openssl_csr_export($csr, $csrout); print "CSR:$csrout"; } if ($cert = openssl_csr_sign($csr, $cacert, $cakey, 365)) { openssl_x509_export($cert, $certout); print "x509:$certout"; } I am certain that the $cacert and $cakey files are being properly opened. If I change them to reference an invalid file, PHP returns the appropriate errors. I'm also certain that the key's passphrase is being properly passed, when I change the passphrase I also get the expected errors. In fact, OpenSSL returns success, but my program appears to exit. I've tried the openssl_error_string, but it also reports no information. I'm no PHP expert, but it appears as if PHP segfaulting when this function is called. Works fine if I call it with a NULL for the $cacert value (i.e. self-signed). Using the CA cert with the commandline tool openssl works fine too. Using openssl-0.9.6h. -- Edit this bug report at http://bugs.php.net/?id=21341&edit=1