Sophie

Sophie

distrib > Mandriva > 2008.1 > x86_64 > by-pkgid > 05cd670d8a02b2b4a0ffb1756f2e8308 > files > 8649

php-manual-zh-5.2.4-1mdv2008.1.noarch.rpm

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>openssl_csr_sign</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="PHP 手册"
HREF="index.html"><LINK
REL="UP"
TITLE="OpenSSL Functions"
HREF="ref.openssl.html"><LINK
REL="PREVIOUS"
TITLE="openssl_csr_new"
HREF="function.openssl-csr-new.html"><LINK
REL="NEXT"
TITLE="openssl_error_string"
HREF="function.openssl-error-string.html"><META
HTTP-EQUIV="Content-type"
CONTENT="text/html; charset=UTF-8"></HEAD
><BODY
CLASS="refentry"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>PHP 手册</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="function.openssl-csr-new.html"
ACCESSKEY="P"
>上一页</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="function.openssl-error-string.html"
ACCESSKEY="N"
>下一页</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><H1
><A
NAME="function.openssl-csr-sign"
></A
>openssl_csr_sign</H1
><DIV
CLASS="refnamediv"
><A
NAME="AEN163783"
></A
><P
>    (PHP 4 &#62;= 4.2.0, PHP 5)</P
>openssl_csr_sign&nbsp;--&nbsp;Sign a CSR with another certificate (or itself) and generate a certificate</DIV
><DIV
CLASS="refsect1"
><A
NAME="AEN163786"
></A
><H2
>Description</H2
>resource <B
CLASS="methodname"
>openssl_csr_sign</B
> ( mixed csr, mixed cacert, mixed priv_key, int days [, array configargs [, int serial]] )<BR
></BR
><P
>&#13;     <B
CLASS="function"
>openssl_csr_sign()</B
> generates an x509 certificate
     resource from the <CODE
CLASS="parameter"
>csr</CODE
> previously generated by
     <A
HREF="function.openssl-csr-new.html"
><B
CLASS="function"
>openssl_csr_new()</B
></A
>, but it can also be the path to
     a PEM encoded CSR when specified as
     <TT
CLASS="filename"
>file://path/to/csr</TT
> or an exported string generated
     by <A
HREF="function.openssl-csr-export.html"
><B
CLASS="function"
>openssl_csr_export()</B
></A
>.
     The generated certificate will be signed by
     <CODE
CLASS="parameter"
>cacert</CODE
>.  If <CODE
CLASS="parameter"
>cacert</CODE
> is <TT
CLASS="constant"
><B
>NULL</B
></TT
>,
     the generated certificate will be a self-signed certificate.
     <CODE
CLASS="parameter"
>priv_key</CODE
> is the private key that corresponds to
     <CODE
CLASS="parameter"
>cacert</CODE
>.
     <CODE
CLASS="parameter"
>days</CODE
> specifies the length of time for which the
     generated certificate will be valid, in days.
     You can finetune the CSR signing by <CODE
CLASS="parameter"
>configargs</CODE
>.
     See <A
HREF="function.openssl-csr-new.html"
><B
CLASS="function"
>openssl_csr_new()</B
></A
> for more information about
     <CODE
CLASS="parameter"
>configargs</CODE
>.
     Since PHP 4.3.3 you can specify the serial number of issued certificate by
     <CODE
CLASS="parameter"
>serial</CODE
>. In earlier versions, it was always 0.
    </P
><P
>&#13;     Returns an x509 certificate resource on success, <TT
CLASS="constant"
><B
>FALSE</B
></TT
> on failure.
    </P
><DIV
CLASS="note"
><BLOCKQUOTE
CLASS="note"
><P
><B
>注意: </B
>
  You need to have a valid <TT
CLASS="filename"
>openssl.cnf</TT
> installed for
  this function to operate correctly.
  See the notes under <A
HREF="ref.openssl.html#openssl.installation"
>the installation
  section</A
> for more information.
 </P
></BLOCKQUOTE
></DIV
><P
>&#13;     <TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
CLASS="EXAMPLE"
><TR
><TD
><DIV
CLASS="example"
><A
NAME="AEN163832"
></A
><P
><B
>例 1. <B
CLASS="function"
>openssl_csr_sign()</B
> example - signing a
       CSR (how to implement your own CA)</B
></P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
CELLPADDING="5"
><TR
><TD
><code><font color="#000000">
<font color="#0000BB">&lt;?php<br /></font><font color="#FF8000">// Let's assume that this script is set to receive a CSR that has<br />// been pasted into a textarea from another page<br /></font><font color="#0000BB">$csrdata </font><font color="#007700">= </font><font color="#0000BB">$_POST</font><font color="#007700">[</font><font color="#DD0000">"CSR"</font><font color="#007700">];<br /><br /></font><font color="#FF8000">// We will sign the request using our own "certificate authority"<br />// certificate.&nbsp;&nbsp;You can use any certificate to sign another, but<br />// the process is worthless unless the signing certificate is trusted<br />// by the software/users that will deal with the newly signed certificate<br /><br />// We need our CA cert and its private key<br /></font><font color="#0000BB">$cacert </font><font color="#007700">= </font><font color="#DD0000">"file://path/to/ca.crt"</font><font color="#007700">;<br /></font><font color="#0000BB">$privkey </font><font color="#007700">= array(</font><font color="#DD0000">"file://path/to/ca.key"</font><font color="#007700">, </font><font color="#DD0000">"your_ca_key_passphrase"</font><font color="#007700">);<br /><br /></font><font color="#0000BB">$userscert </font><font color="#007700">= </font><font color="#0000BB">openssl_csr_sign</font><font color="#007700">(</font><font color="#0000BB">$csrdata</font><font color="#007700">, </font><font color="#0000BB">$cacert</font><font color="#007700">, </font><font color="#0000BB">$privkey</font><font color="#007700">, </font><font color="#0000BB">365</font><font color="#007700">);<br /><br /></font><font color="#FF8000">// Now display the generated certificate so that the user can<br />// copy and paste it into their local configuration (such as a file<br />// to hold the certificate for their SSL server)<br /></font><font color="#0000BB">openssl_x509_export</font><font color="#007700">(</font><font color="#0000BB">$usercert</font><font color="#007700">, </font><font color="#0000BB">$certout</font><font color="#007700">);<br />echo </font><font color="#0000BB">$certout</font><font color="#007700">;<br /><br /></font><font color="#FF8000">// Show any errors that occurred here<br /></font><font color="#007700">while ((</font><font color="#0000BB">$e </font><font color="#007700">= </font><font color="#0000BB">openssl_error_string</font><font color="#007700">()) !== </font><font color="#0000BB">false</font><font color="#007700">) {<br />&nbsp;&nbsp;&nbsp;&nbsp;echo </font><font color="#0000BB">$e </font><font color="#007700">. </font><font color="#DD0000">"\n"</font><font color="#007700">;<br />}<br /></font><font color="#0000BB">?&gt;</font>
</font>
</code></TD
></TR
></TABLE
></DIV
></TD
></TR
></TABLE
>
    </P
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="function.openssl-csr-new.html"
ACCESSKEY="P"
>上一页</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>起始页</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="function.openssl-error-string.html"
ACCESSKEY="N"
>下一页</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>openssl_csr_new</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="ref.openssl.html"
ACCESSKEY="U"
>上一级</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>openssl_error_string</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional