|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #31638 openssl_csr_sign ignoring configargs
Submitted: 2005-01-21 16:09 UTC Modified: 2006-07-31 00:48 UTC
Avg. Score:4.3 ± 0.9
Reproduced:6 of 6 (100.0%)
Same Version:1 (16.7%)
Same OS:5 (83.3%)
From: john dot douglass at oit dot gatech dot edu Assigned: sniper
Status: Closed Package: OpenSSL related
PHP Version: 5.0.3 OS: Linux 2.4.22
Private report: No CVE-ID:
 [2005-01-21 16:09 UTC] john dot douglass at oit dot gatech dot edu
Attempting to use function openssl_csr_sign with the optional "configargs" array to specify which extensions to sign the cert with.

The function works and I get a signed certificate, however the config arg {"x509_extensions" => "auth_only"} doesn't appear to work.

PHP 5.0.3 with OpenSSL support (which everything works except for this one thing)

Reproduce code:
Source at:

OpenSSL config at:

Client code at:

Expected result:
I expect a signed certificate with the specified extensions (the keyUsage/extendedKeyUsage,etc) as specified in the "auth_only" extension section

Actual result:
A certificate with apparently NO extensions. 


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2005-07-09 00:40 UTC]
Apparently those urls don't work anymore. Please provide working URLs.

 [2005-07-16 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 [2006-07-31 00:48 UTC]
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
Thank you for the report, and for helping us make PHP better.

PHP Copyright © 2001-2015 The PHP Group
All rights reserved.
Last updated: Fri Oct 09 03:01:29 2015 UTC