Sophie

Sophie

distrib > Mandriva > 9.1 > ppc > by-pkgid > a34ed6838d4b29d38abd504392a4a797 > files > 1959

php-manual-es-4.3.0-2mdk.noarch.rpm

<HTML
><HEAD
><TITLE
>openssl_csr_new</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="HOME"
TITLE="Manual de PHP"
HREF="index.html"><LINK
REL="UP"
TITLE="OpenSSL functions"
HREF="ref.openssl.html"><LINK
REL="PREVIOUS"
TITLE="openssl_csr_export"
HREF="function.openssl-csr-export.html"><LINK
REL="NEXT"
TITLE="openssl_csr_sign"
HREF="function.openssl-csr-sign.html"><META
HTTP-EQUIV="Content-type"
CONTENT="text/html; charset=ISO-8859-1"></HEAD
><BODY
CLASS="refentry"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>Manual de PHP</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="function.openssl-csr-export.html"
ACCESSKEY="P"
>Anterior</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="function.openssl-csr-sign.html"
ACCESSKEY="N"
>Siguiente</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><H1
><A
NAME="function.openssl-csr-new"
></A
>openssl_csr_new</H1
><DIV
CLASS="refnamediv"
><A
NAME="AEN55714"
></A
><P
>    (PHP 4 &#62;= 4.2.0)</P
>openssl_csr_new&nbsp;--&nbsp;Generates a CSR</DIV
><DIV
CLASS="refsect1"
><A
NAME="AEN55717"
></A
><H2
>Description</H2
>bool <B
CLASS="methodname"
>openssl_csr_new</B
> ( array dn, resource privkey [, array configargs [, array extraattribs]])<BR
></BR
><P
>&#13;     <B
CLASS="function"
>openssl_csr_new()</B
> generates a new CSR (Certificate Signing Request)
     based on the information provided by <TT
CLASS="parameter"
><I
>dn</I
></TT
>, which represents the
     Distinguished Name to be used in the certificate.
    </P
><P
>&#13;     <TT
CLASS="parameter"
><I
>privkey</I
></TT
> should be set to a private key that was
     previously generated by <A
HREF="function.openssl-pkey-new.html"
><B
CLASS="function"
>openssl_pkey_new()</B
></A
> (or
     otherwise obtained from the other openssl_pkey family of functions).
     The corresponding public portion of the key will be used to sign the
     CSR.
    </P
><P
>&#13;     <TT
CLASS="parameter"
><I
>extraattribs</I
></TT
> is used to specify additional
     configuration options for the CSR.  Both <TT
CLASS="parameter"
><I
>dn</I
></TT
> and
     <TT
CLASS="parameter"
><I
>extraattribs</I
></TT
> are associative arrays whose keys are
     converted to OIDs and applied to the relevant part of the request.
    </P
><DIV
CLASS="note"
><BLOCKQUOTE
CLASS="note"
><P
><B
>Nota: </B
>
  You need to have a valid <TT
CLASS="filename"
>openssl.cnf</TT
> installed for
  this function to operate correctly.
  See the notes under <A
HREF="ref.openssl.html#openssl.installation"
>the installation
  section</A
> for more information.
 </P
></BLOCKQUOTE
></DIV
><P
>&#13;     By default, the information in your system <TT
CLASS="literal"
>openssl.conf</TT
>
     is used to initialize the request; you can specify a configuration file
     section by setting the <TT
CLASS="literal"
>config_section_section</TT
> key of
     <TT
CLASS="parameter"
><I
>configargs</I
></TT
>.  You can also specify and alternative
     openssl configuration file by setting the <TT
CLASS="literal"
>config</TT
> key
     to the path of the file you want to use.
     The following keys, if present in <TT
CLASS="parameter"
><I
>configargs</I
></TT
>
     behave as their equivalents in the <TT
CLASS="literal"
>openssl.conf</TT
>, as
     listed in the table below.

     <DIV
CLASS="table"
><A
NAME="AEN55755"
></A
><P
><B
>Tabla 1. Configuration overrides</B
></P
><TABLE
BORDER="1"
CLASS="CALSTABLE"
><THEAD
><TR
><TH
ALIGN="LEFT"
VALIGN="MIDDLE"
><TT
CLASS="parameter"
><I
>configargs</I
></TT
> key</TH
><TH
ALIGN="LEFT"
VALIGN="MIDDLE"
>type</TH
><TH
ALIGN="LEFT"
VALIGN="MIDDLE"
><TT
CLASS="literal"
>openssl.conf</TT
> equivalent</TH
><TH
ALIGN="LEFT"
VALIGN="MIDDLE"
>description</TH
></TR
></THEAD
><TBODY
><TR
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
>digest_alg</TD
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
><A
HREF="language.types.string.html"
>string</A
></TD
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
>default_md</TD
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
>Selects which digest method to use</TD
></TR
><TR
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
>x509_extensions</TD
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
><A
HREF="language.types.string.html"
>string</A
></TD
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
>x509_extensions</TD
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
>Selects which extensions should be used when creating an x509
         certificate</TD
></TR
><TR
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
>req_extensions</TD
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
><A
HREF="language.types.string.html"
>string</A
></TD
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
>req_extensions</TD
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
>Selects which extensions should be used when creating a CSR</TD
></TR
><TR
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
>private_key_bits</TD
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
><A
HREF="language.types.html#language.types.integer"
>integer</A
></TD
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
>default_bits</TD
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
>Specifies how many bits should be used to generate a private
          key</TD
></TR
><TR
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
>private_key_type</TD
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
><A
HREF="language.types.html#language.types.integer"
>integer</A
></TD
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
>none</TD
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
>Specifies the type of private key to create.  This can be one
          of <TT
CLASS="constant"
><B
>OPENSSL_KEYTYPE_DSA</B
></TT
>,
          <TT
CLASS="constant"
><B
>OPENSSL_KEYTYPE_DH</B
></TT
> or
          <TT
CLASS="constant"
><B
>OPENSSL_KEYTYPE_RSA</B
></TT
>.
          The default value is <TT
CLASS="constant"
><B
>OPENSSL_KEYTYPE_RSA</B
></TT
> which
          is currently the only supported key type.
         </TD
></TR
><TR
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
>encrypt_key</TD
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
><A
HREF="missing-stuff.html#language.types.boolean"
>booean</A
></TD
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
>encrypt_key</TD
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
>Should an exported key (with passphrase) be encrypted?</TD
></TR
></TBODY
></TABLE
></DIV
>
    </P
><P
>&#13;     Devuelve <TT
CLASS="constant"
><B
>TRUE</B
></TT
> si todo fue bien, <TT
CLASS="constant"
><B
>FALSE</B
></TT
> en caso de fallo.
    </P
><P
>&#13;     <TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
CLASS="EXAMPLE"
><TR
><TD
><DIV
CLASS="example"
><A
NAME="AEN55811"
></A
><P
><B
>Ejemplo 1. <B
CLASS="function"
>openssl_csr_new()</B
> example - creating a
       self-signed-certificate</B
></P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
CELLPADDING="5"
><TR
><TD
><PRE
CLASS="php"
>// Fill in data for the distinguished name to be used in the cert
// You must change the values of these keys to match your name and
// company, or more precisely, the name and company of the person/site
// that you are generating the certificate for.
// For SSL certificates, the commonName is usually the domain name of
// that will be using the certificate, but for S/MIME certificates,
// the commonName will be the name of the individual who will use the
// certificate.
$dn = array(
    "countryName" =&#62; "UK",
    "stateOrProvinceName" =&#62; "Somerset",
    "localityName" =&#62; "Glastonbury",
    "organizationName" =&#62; "The Brain Room Limited",
    "organizationalUnitName" =&#62; "PHP Documentation Team",
    "commonName" =&#62; "Wez Furlong",
    "emailAddress" =&#62; "wez@php.net"
);

// Generate a new private (and public) key pair
$privkey = openssl_pkey_new();

// Generate a certificate signing request
$csr = openssl_csr_new($dn, $privkey);

// You will usually want to create a self-signed certificate at this
// point until your CA fulfills your request.
// This creates a self-signed cert that is valid for 365 days
$sscert = openssl_csr_sign($csr, null, $privkey, 365);

// Now you will want to preserve your private key, CSR and self-signed
// cert so that they can be installed into your web server, mail server
// or mail client (depending on the intended use of the certificate).
// This example shows how to get those things into variables, but you
// can also store them directly into files.
// Typically, you will send the CSR on to your CA who will then issue
// you with the "real" certificate.
openssl_csr_export($csr, $csrout) and debug_zval_dump($csrout);
openssl_x509_export($sscert, $certout) and debug_zval_dump($certout);
openssl_pkey_export($privkey, $pkeyout, "mypassword") and debug_zval_dump($pkeyout);

// Show any errors that occurred here
while (($e = openssl_error_string()) !== false) {
    echo $e . "\n";
}</PRE
></TD
></TR
></TABLE
></DIV
></TD
></TR
></TABLE
>
    </P
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="function.openssl-csr-export.html"
ACCESSKEY="P"
>Anterior</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>Inicio</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="function.openssl-csr-sign.html"
ACCESSKEY="N"
>Siguiente</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>openssl_csr_export</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="ref.openssl.html"
ACCESSKEY="U"
>Subir</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>openssl_csr_sign</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional