|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2009-12-08 23:20 UTC] felipe@php.net
[2009-12-16 01:00 UTC] php-bugs at lists dot php dot net
|
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Sat Oct 25 23:00:01 2025 UTC |
Description: ------------ When I manualy sign a certificate from the shell: ./CA.sh -sign or openssl ca -policy policy_anything -out newcert.pem -infiles newreq.pem the value in the file 'serial' increase ($value++). When I sign a certificate with php (openssl_csr_sign): -the serial (file) doesn't change -the new certificate has a good 'serial' value Reproduce code: --------------- $CAcrt = file_get_contents("/usr/lib/ssl/misc/demoCA/cacert.pem"); $serial_hexa = file_get_contents("/usr/lib/ssl/misc/demoCA/serial"); $serial_dec_net=intval($serial_hexa,16); /*04*/ $CAkey = array(file_get_contents("/usr/lib/ssl/misc/demoCA/private/cakey.pem"), "Gas/ZWmUkz7y2"); echo "--".$serial_hexa."--"; echo "<br>++".$serian_dec_net."++"; $clientKeys = openssl_pkey_new(); $dn = array( "countryName" => "FR", "stateOrProvinceName" => "Ain", "localityName" => "Jouan", "organizationName" => "Certificat client", "organizationalUnitName" => "Info", "commonName" => "www.abc.fr", "emailAddress" => "lolo@xp.fr" ); $csr = openssl_csr_new($dn, $clientPrivKey); $config = array( "config" => "/etc/ssl/openssl.cnf", ); $cert = openssl_csr_sign($csr, $CAcrt, $CAkey, 1095, $config, '04'); openssl_x509_export($cert, $certout); echo $certout; openssl_pkcs12_export_to_file ( $certout, "tmp/tito.p12" , $clientPrivKey , "mimine") Expected result: ---------------- The result is good, as the certificate, but the value inside 'serial' doesn't change....