Skip to content
OpenSSL PHP Toolkit Library
PHP
Branch: master
Clone or download
Pull request Compare This branch is even with hsdn:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
src
README.md

README.md

OpenSSL PHP Toolkit Library

PHP library to work with the functions of OpenSSL. Unlike the standard functionality available in the PHP openssl module (http://php.net/manual/en/ref.openssl.php), this library supports the standard OpenSSL database of certificates. Perfect for organizing a full OpenSSL PKI functionality in PHP. See tutorial http://pki-tutorial.readthedocs.org/en/latest/simple/index.html about the PKI functions in OpenSSL.

Features:

  • Generate RSA private keys in DER, NET or PEM formats
  • Convert RSA private keys to DER, NET, PEM formats
  • Create a Certificate requests in DER, NET or PEM formats
  • CA Signing a Certificate requests with OpenSSL Database (using config)
  • Create a Certificates in DER, NET or PEM formats
  • Convert Certificates to DER, NET or PEM formats
  • Verifying a Certificates
  • Get info from Certificates
  • Create Certificate Revocation Lists (CRL)
  • Revoke a Certificates on Certificate Revocation Lists
  • Convert CRL to DER and PEM formats
  • Concert Keys and Certificates to PKCS#12 format
  • Concert PKCS#12 format Keys and Certificates to PEM format

Requirements:

Examples (for a PKI functions):

<?php
require_once 'src/Openssl.php';

$openssl = new OpenSSL;

// Database configurations 
// See http://pki-tutorial.readthedocs.org/en/latest/simple/index.html#configuration-files
$openssl->config   = 'PKI/openssl.cnf'; 
$openssl->temp_dir = 'PKI/tmp';

// Create private key
$key = $openssl->rsa_new(FALSE, 1024, 'password', FALSE, 'des3');
	
// Create signing request
$subj = array
(
	'C' => 'RU', 
	'ST' => 'Moscow', 
	'L' => 'Moscow Region', 
	'O' => 'My Company', 
	'OU' => 'Company Unit', 
	'CN' => 'Real Name', 
	'emailAddress' => 'my@email.com'
);

$csr = $openssl->csr_new($key, FALSE, $subj, 'password');

// Sign a certificate request
echo $openssl->csr_sign($csr, FALSE, 'CApassword', 'client_cert');

// Create CRL
$openssl->crl_new(FALSE, 'CApassword');

// Revoke the certificate
$openssl->crl_revoke(file_get_contents('PKI/certs/14.pem'), 'CApassword');
You can’t perform that action at this time.